Unwanted ads and slowdowns [SOLVED]

29 December 2008 23:47:51

Hello everyone,

My PC has been slow lately and ads pop up very, very often.

I ran a scan with an up-to-date Norton; it quarantines the trojan, but it keeps coming back. Same with Ad-Aware and Spybot: they find it and delete it, but it keeps coming back.

I'm on XP.

Thanks in advance for your help.

I ran a HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:35, on 2008-12-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Citrix\Client ICA\ssonsvr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\fast.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.canoe.com/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: D - {7BF9F344-72CF-344A-9D1B-3B7D25C37D34} - C:\WINDOWS\system32\xsl27629.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UniPrint] C:\PROGRA~1\UniPrint\Client\SetDfltSettings.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user')
O4 - .DEFAULT Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Camille Gagné\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://extranet.inalco.com/install/Install/isetupml.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://geo.ville.quebec.qc.ca/carte_int/acgm.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 17519 bytes

30 December 2008 20:04:21

Good evening linedeca,

*Download LOP S&D (thanks Eric71): http://eric.71.mespages.googlepages.com/lop.sd.exe
-Double-click it to start the installation, then double-click the Lop S&D shortcut on your Desktop.
-Select the language you want and choose option 1 (Search).
-Wait until the scan finishes.
-Post the generated report (also located here: C:\lopR.txt).

NB: If the Desktop does not reappear, open Task Manager by pressing Ctrl+Alt+Del, then go to File > New Task, type explorer.exe and confirm.

See you later ;).

30 December 2008 22:08:30

Good evening,

I have also noticed a problem with Google searches: when I select a link, I am redirected to advertising sites.

Here is the report generated by LOP S&D:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : proprietaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.0.0.60 (Activated)
Firewall : Norton Internet Security 15.0.0.60 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:28 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2008-12-30|15:56 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2006-02-22|04:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[2006-12-10|11:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2008-07-31|21:06] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Adobe
[2006-03-12|10:53] C:\DOCUME~1\AIMIEG~1\APPLIC~1\AdobeUM
[2007-02-15|12:17] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Apple Computer
[2007-12-23|21:58] C:\DOCUME~1\AIMIEG~1\APPLIC~1\ArcSoft
[2006-03-12|11:40] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Corel
[2006-03-13|21:24] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\AIMIEG~1\APPLIC~1\CyberLink
[2008-03-13|18:11] C:\DOCUME~1\AIMIEG~1\APPLIC~1\eBay
[2006-09-14|20:39] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Google
[2008-06-10|15:46] C:\DOCUME~1\AIMIEG~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Identities
[2006-08-11|18:50] C:\DOCUME~1\AIMIEG~1\APPLIC~1\IMVU
[2007-07-11|00:13] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Lavasoft
[2008-04-17|20:18] C:\DOCUME~1\AIMIEG~1\APPLIC~1\LimeWire
[2006-06-02|18:24] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Lionhead Studios
[2007-10-27|22:30] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Macromedia
[2008-12-27|02:59] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Microsoft
[2006-06-16|21:20] C:\DOCUME~1\AIMIEG~1\APPLIC~1\MSNInstaller
[2008-12-27|05:42] C:\DOCUME~1\AIMIEG~1\APPLIC~1\OpenOffice.org2
[2008-12-04|21:18] C:\DOCUME~1\AIMIEG~1\APPLIC~1\SanDisk
[2006-07-20|13:00] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Sun
[2008-07-03|21:10] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Symantec
[2006-02-27|17:09] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Template
[2008-04-04|20:53] C:\DOCUME~1\AIMIEG~1\APPLIC~1\WinRAR


[2008-10-08|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-07-16|00:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2007-06-21|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-03-14|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
[2006-03-05|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Broderbund Software
[2005-11-21|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2008-01-11|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
[2006-03-13|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
[2008-12-27|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-03-11|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2008-04-30|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intuit Canada
[2008-12-27|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2006-04-29|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-12-28|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-10-08|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2006-02-24|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2008-07-19|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[2007-06-28|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\popmediavchide
[2008-12-27|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-12-30|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2007-11-08|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-12-30|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
[2006-02-24|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-09-12|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2007-10-07|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2008-05-07|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2008-07-31|22:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Adobe
[2006-04-16|19:22] C:\DOCUME~1\CAMILL~1\APPLIC~1\AdobeUM
[2007-07-12|20:23] C:\DOCUME~1\CAMILL~1\APPLIC~1\Apple Computer
[2008-12-26|16:00] C:\DOCUME~1\CAMILL~1\APPLIC~1\ArcSoft
[2006-02-25|08:19] C:\DOCUME~1\CAMILL~1\APPLIC~1\Atari
[2006-03-12|21:19] C:\DOCUME~1\CAMILL~1\APPLIC~1\Corel
[2006-03-13|11:24] C:\DOCUME~1\CAMILL~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\CAMILL~1\APPLIC~1\CyberLink
[2008-01-12|09:42] C:\DOCUME~1\CAMILL~1\APPLIC~1\eBay
[2006-07-23|17:05] C:\DOCUME~1\CAMILL~1\APPLIC~1\FunWebProducts
[2006-09-15|20:10] C:\DOCUME~1\CAMILL~1\APPLIC~1\Google
[2006-04-27|19:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Help
[2006-04-16|23:28] C:\DOCUME~1\CAMILL~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\CAMILL~1\APPLIC~1\Identities
[2007-07-05|18:10] C:\DOCUME~1\CAMILL~1\APPLIC~1\IMVU
[2006-08-12|22:26] C:\DOCUME~1\CAMILL~1\APPLIC~1\Inspiration Software
[2007-03-03|09:56] C:\DOCUME~1\CAMILL~1\APPLIC~1\InstallShield
[2007-07-12|19:57] C:\DOCUME~1\CAMILL~1\APPLIC~1\LimeWire
[2006-02-25|11:29] C:\DOCUME~1\CAMILL~1\APPLIC~1\Lionhead Studios
[2007-05-04|13:22] C:\DOCUME~1\CAMILL~1\APPLIC~1\Macromedia
[2007-12-05|17:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Microsoft
[2008-12-27|00:21] C:\DOCUME~1\CAMILL~1\APPLIC~1\OpenOffice.org2
[2008-07-19|10:03] C:\DOCUME~1\CAMILL~1\APPLIC~1\PlayFirst
[2006-07-14|14:18] C:\DOCUME~1\CAMILL~1\APPLIC~1\Sun
[2008-07-04|01:04] C:\DOCUME~1\CAMILL~1\APPLIC~1\Symantec
[2006-03-07|09:32] C:\DOCUME~1\CAMILL~1\APPLIC~1\Template
[2008-05-08|19:33] C:\DOCUME~1\CAMILL~1\APPLIC~1\WinRAR


[2007-11-24|05:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[2006-02-22|04:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[2005-06-04|06:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2005-06-04|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2006-12-09|11:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2008-08-09|10:49] C:\DOCUME~1\MARIOG~1\APPLIC~1\Adobe
[2007-05-09|05:45] C:\DOCUME~1\MARIOG~1\APPLIC~1\AdobeUM
[2008-04-02|09:11] C:\DOCUME~1\MARIOG~1\APPLIC~1\Apple Computer
[2006-11-26|10:06] C:\DOCUME~1\MARIOG~1\APPLIC~1\Corel
[2006-11-19|10:13] C:\DOCUME~1\MARIOG~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\MARIOG~1\APPLIC~1\CyberLink
[2008-02-14|10:16] C:\DOCUME~1\MARIOG~1\APPLIC~1\eBay
[2007-03-25|12:06] C:\DOCUME~1\MARIOG~1\APPLIC~1\EPSON
[2006-10-15|09:27] C:\DOCUME~1\MARIOG~1\APPLIC~1\Google
[2007-05-20|22:14] C:\DOCUME~1\MARIOG~1\APPLIC~1\Help
[2006-11-19|15:41] C:\DOCUME~1\MARIOG~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\MARIOG~1\APPLIC~1\Identities
[2006-04-08|07:59] C:\DOCUME~1\MARIOG~1\APPLIC~1\Lavasoft
[2006-03-21|18:33] C:\DOCUME~1\MARIOG~1\APPLIC~1\Macromedia
[2008-05-20|09:17] C:\DOCUME~1\MARIOG~1\APPLIC~1\Microsoft
[2007-04-14|09:57] C:\DOCUME~1\MARIOG~1\APPLIC~1\Sun
[2008-07-05|06:01] C:\DOCUME~1\MARIOG~1\APPLIC~1\Symantec
[2006-05-07|07:27] C:\DOCUME~1\MARIOG~1\APPLIC~1\Template

[2005-06-04|06:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2008-07-31|15:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[2008-05-16|09:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[2006-03-11|19:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[2007-07-27|13:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[2006-03-13|19:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[2007-02-17|11:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Atari
[2006-03-11|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Corel
[2006-03-11|20:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
[2008-01-11|13:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\eBay
[2007-03-25|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[2008-12-27|23:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[2006-04-07|20:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[2006-04-04|17:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[2006-08-19|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\IMVU
[2008-12-26|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Inspiration Software
[2008-08-31|10:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[2008-04-30|11:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intuit Canada
[2008-12-27|19:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[2006-02-24|12:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[2008-08-27|21:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[2006-12-30|22:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lionhead Studios
[2006-02-24|22:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[2008-08-24|17:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[2008-12-26|11:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
[2006-09-24|09:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[2008-07-03|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[2006-02-24|23:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-12-30 10:43][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-29 20:00][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - proprietaire.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2008-12-30 15:29][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008-12-30 01:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-05 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2008-10-08|20:32] C:\Program Files\Adobe
[2005-11-21|08:06] C:\Program Files\Ahead
[2008-12-26|13:54] C:\Program Files\AirPort
[2008-08-07|13:25] C:\Program Files\Apple Software Update
[2006-03-13|19:31] C:\Program Files\ArcSoft
[2008-12-26|12:03] C:\Program Files\Bonjour
[2007-12-26|16:42] C:\Program Files\CEDP Stealer 6.0 for Messenger
[2006-04-04|17:41] C:\Program Files\Citrix
[2008-12-27|03:01] C:\Program Files\Common Files
[2005-06-04|06:35] C:\Program Files\ComPlus Applications
[2008-12-26|14:02] C:\Program Files\Corel
[2005-11-21|08:29] C:\Program Files\CyberLink
[2008-09-16|17:21] C:\Program Files\DIFX
[2006-04-08|13:40] C:\Program Files\directx
[2006-03-05|19:14] C:\Program Files\EA GAMES
[2008-01-11|12:26] C:\Program Files\eBay
[2006-02-24|12:48] C:\Program Files\EPSON
[2006-03-09|20:50] C:\Program Files\EPSON Print CD
[2006-08-12|22:26] C:\Program Files\Essai Inspiration 7.5 Français
[2008-12-27|19:50] C:\Program Files\Fichiers communs
[2008-12-27|23:41] C:\Program Files\Google
[2006-02-24|10:53] C:\Program Files\HighMAT CD Writing Wizard
[2006-04-02|17:35] C:\Program Files\Illustrate
[2008-04-30|11:52] C:\Program Files\ImpotRapide 2007
[2008-06-28|16:51] C:\Program Files\IMVU
[2008-12-26|14:10] C:\Program Files\Incomplete
[2008-12-26|12:48] C:\Program Files\InstallShield Installation Information
[2005-06-04|06:41] C:\Program Files\Intel
[2005-06-04|06:47] C:\Program Files\Intel Audio Studio
[2008-12-27|17:17] C:\Program Files\Internet Explorer
[2008-08-07|13:22] C:\Program Files\iPod
[2008-08-07|13:23] C:\Program Files\iTunes
[2008-12-26|12:43] C:\Program Files\Java
[2006-03-03|21:28] C:\Program Files\Kyodai Mahjongg 2006
[2008-12-27|19:51] C:\Program Files\Lavasoft
[2008-12-19|12:59] C:\Program Files\LimeWire
[2008-12-30|14:53] C:\Program Files\Logiciels
[2006-02-25|00:41] C:\Program Files\Logitech
[2008-09-08|19:52] C:\Program Files\Messenger
[2006-04-29|16:21] C:\Program Files\MessengerPlus! 3
[2005-11-14|15:06] C:\Program Files\Microsoft
[2007-09-14|02:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005-06-04|06:37] C:\Program Files\microsoft frontpage
[2008-04-23|13:32] C:\Program Files\Microsoft IntelliPoint
[2008-04-23|13:29] C:\Program Files\Microsoft IntelliType Pro
[2008-06-18|17:35] C:\Program Files\Microsoft Office
[2008-09-11|02:02] C:\Program Files\Microsoft Works
[2005-11-14|15:13] C:\Program Files\Microsoft.NET
[2008-09-08|19:52] C:\Program Files\Movie Maker
[2008-06-18|17:34] C:\Program Files\MSECache
[2006-02-26|22:22] C:\Program Files\MSN
[2008-12-26|12:39] C:\Program Files\MSN Games
[2005-06-04|06:35] C:\Program Files\MSN Gaming Zone
[2008-05-07|22:41] C:\Program Files\MSN Messenger
[2006-02-24|10:58] C:\Program Files\MSXML 4.0
[2007-08-15|01:55] C:\Program Files\MSXML 6.0
[2008-09-08|19:48] C:\Program Files\NetMeeting
[2007-03-25|11:46] C:\Program Files\NewSoft
[2008-07-03|18:16] C:\Program Files\Norton Internet Security
[2008-10-08|21:20] C:\Program Files\NOS
[2005-06-04|06:35] C:\Program Files\Online Services
[2008-09-20|16:20] C:\Program Files\OpenOffice.org 2.4
[2008-09-08|19:48] C:\Program Files\Outlook Express
[2006-08-24|13:32] C:\Program Files\PhotoBrush
[2006-08-24|13:26] C:\Program Files\PhotoFiltre
[2006-03-12|18:46] C:\Program Files\PIXELA
[2008-07-04|00:14] C:\Program Files\QuickTime
[2007-04-17|06:55] C:\Program Files\RADVideo
[2006-03-07|21:10] C:\Program Files\ReflexiveArcade
[2006-03-07|21:12] C:\Program Files\Ricochet Xtreme
[2008-07-13|18:12] C:\Program Files\Safari
[2008-09-16|17:16] C:\Program Files\Samsung
[2008-08-31|10:51] C:\Program Files\Sandisk
[2005-06-04|06:36] C:\Program Files\Services en ligne
[2005-06-04|06:46] C:\Program Files\SigmaTel
[2008-12-26|12:34] C:\Program Files\Smiley Arcade
[2008-12-26|11:42] C:\Program Files\Sony
[2006-03-13|15:01] C:\Program Files\Sony Corporation
[2008-12-27|20:52] C:\Program Files\Spybot - Search & Destroy
[2008-07-04|07:46] C:\Program Files\Symantec
[2007-10-07|11:13] C:\Program Files\SystemRequirementsLab
[2006-05-09|16:37] C:\Program Files\Teamspeak2_RC2
[2007-02-27|22:07] C:\Program Files\THQ
[2008-12-29|16:46] C:\Program Files\Trend Micro
[2005-06-04|06:39] C:\Program Files\Uninstall Information
[2006-04-04|17:41] C:\Program Files\UniPrint
[2006-02-24|10:57] C:\Program Files\UPHClean
[2006-03-05|23:20] C:\Program Files\Web Publish
[2006-02-24|10:53] C:\Program Files\Windows Journal Viewer
[2008-05-07|22:57] C:\Program Files\Windows Live
[2007-12-01|11:26] C:\Program Files\Windows Live Favorites
[2008-12-28|13:46] C:\Program Files\Windows Live Safety Center
[2007-12-01|11:27] C:\Program Files\Windows Live Toolbar
[2006-12-10|13:41] C:\Program Files\Windows Media Connect 2
[2008-09-08|19:48] C:\Program Files\Windows Media Player
[2008-09-08|19:48] C:\Program Files\Windows NT
[2008-07-03|17:34] C:\Program Files\Windows Sidebar
[2005-06-04|06:36] C:\Program Files\WindowsUpdate
[2008-04-04|20:53] C:\Program Files\WinRAR
[2007-10-07|10:41] C:\Program Files\WinZip
[2005-06-04|06:37] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2008-10-08|20:34] C:\Program Files\Fichiers communs\Adobe
[2005-11-21|08:04] C:\Program Files\Fichiers communs\Ahead
[2008-04-30|11:02] C:\Program Files\Fichiers communs\AnswerWorks 4.0
[2007-07-16|00:52] C:\Program Files\Fichiers communs\Apple
[2007-12-23|21:56] C:\Program Files\Fichiers communs\ArcSoft
[2006-03-11|18:00] C:\Program Files\Fichiers communs\Corel
[2005-11-14|15:14] C:\Program Files\Fichiers communs\DESIGNER
[2006-03-13|18:05] C:\Program Files\Fichiers communs\element5 Shared
[2006-03-11|17:46] C:\Program Files\Fichiers communs\InstallShield
[2006-05-01|13:32] C:\Program Files\Fichiers communs\Intuit
[2006-07-03|01:38] C:\Program Files\Fichiers communs\Java
[2006-02-25|00:41] C:\Program Files\Fichiers communs\Logitech
[2008-08-22|02:05] C:\Program Files\Fichiers communs\Microsoft Shared
[2005-06-04|06:36] C:\Program Files\Fichiers communs\MSSoap
[2006-03-13|15:01] C:\Program Files\Fichiers communs\muvee Technologies
[2005-06-04|08:32] C:\Program Files\Fichiers communs\ODBC
[2005-06-04|06:36] C:\Program Files\Fichiers communs\Services
[2005-06-04|08:32] C:\Program Files\Fichiers communs\SpeechEngines
[2008-12-30|14:07] C:\Program Files\Fichiers communs\Symantec Shared
[2008-09-08|19:48] C:\Program Files\Fichiers communs\System
[2008-05-07|22:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-12-27|19:50] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 59 Processes )

IEXPLORE.EXE ~ [PID:3480]
IEXPLORE.EXE ~ [PID:2752]
IEXPLORE.EXE ~ [PID:756]
IEXPLORE.EXE ~ [PID:3124]
IEXPLORE.EXE ~ [PID:3440]
IEXPLORE.EXE ~ [PID:3180]
MsgPlus.exe ~ [PID:132]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\PROPRI~1\Cookies\proprietaire@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 10038 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-30 15:57:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:53][D:75]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:496][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:4923][D:27]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2008-12-30|14:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-12-30|15:12 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 2008-12-30|15:28 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 2008-12-30|15:49 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 2008-12-30|15:54 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 2008-12-30|15:58 - Option : [1]

--------------------\\ Fin du rapport a 15:58:10
31 December 2008 01:53:39

Good evening linedeca,

* Double-click the LOP S&D shortcut and choose option 2. This will remove the infection.
* When it finishes, a new scan will be launched.
* Notepad opens. Post its contents in your next reply.

See you later ;).
1 January 2009 19:20:35

Good evening fredrix,

The problems with ads, and with Google when searching, still persist.

Here is the report after selecting option 2 in LOP S&D:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : proprietaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.0.0.60 (Activated)
Firewall : Norton Internet Security 15.0.0.60 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:28 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 2008-12-31|20:15 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[2006-02-22|04:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[2006-12-10|11:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2008-07-31|21:06] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Adobe
[2006-03-12|10:53] C:\DOCUME~1\AIMIEG~1\APPLIC~1\AdobeUM
[2007-02-15|12:17] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Apple Computer
[2007-12-23|21:58] C:\DOCUME~1\AIMIEG~1\APPLIC~1\ArcSoft
[2006-03-12|11:40] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Corel
[2006-03-13|21:24] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\AIMIEG~1\APPLIC~1\CyberLink
[2008-03-13|18:11] C:\DOCUME~1\AIMIEG~1\APPLIC~1\eBay
[2006-09-14|20:39] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Google
[2008-06-10|15:46] C:\DOCUME~1\AIMIEG~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Identities
[2006-08-11|18:50] C:\DOCUME~1\AIMIEG~1\APPLIC~1\IMVU
[2007-07-11|00:13] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Lavasoft
[2008-04-17|20:18] C:\DOCUME~1\AIMIEG~1\APPLIC~1\LimeWire
[2006-06-02|18:24] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Lionhead Studios
[2007-10-27|22:30] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Macromedia
[2008-12-27|02:59] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Microsoft
[2006-06-16|21:20] C:\DOCUME~1\AIMIEG~1\APPLIC~1\MSNInstaller
[2008-12-30|22:29] C:\DOCUME~1\AIMIEG~1\APPLIC~1\OpenOffice.org2
[2008-12-04|21:18] C:\DOCUME~1\AIMIEG~1\APPLIC~1\SanDisk
[2006-07-20|13:00] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Sun
[2008-07-03|21:10] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Symantec
[2006-02-27|17:09] C:\DOCUME~1\AIMIEG~1\APPLIC~1\Template
[2008-04-04|20:53] C:\DOCUME~1\AIMIEG~1\APPLIC~1\WinRAR


[2008-10-08|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-07-16|00:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2007-06-21|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-03-14|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
[2006-03-05|17:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Broderbund Software
[2005-11-21|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2008-01-11|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
[2006-03-13|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
[2008-12-27|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-03-11|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2008-04-30|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intuit Canada
[2008-12-27|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2006-04-29|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-12-28|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-10-08|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2006-02-24|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2008-07-19|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[2007-06-28|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\popmediavchide
[2008-12-27|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-12-31|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2007-11-08|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-12-31|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
[2006-02-24|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-09-12|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2007-10-07|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2008-05-07|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2008-07-31|22:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Adobe
[2006-04-16|19:22] C:\DOCUME~1\CAMILL~1\APPLIC~1\AdobeUM
[2007-07-12|20:23] C:\DOCUME~1\CAMILL~1\APPLIC~1\Apple Computer
[2008-12-26|16:00] C:\DOCUME~1\CAMILL~1\APPLIC~1\ArcSoft
[2006-02-25|08:19] C:\DOCUME~1\CAMILL~1\APPLIC~1\Atari
[2006-03-12|21:19] C:\DOCUME~1\CAMILL~1\APPLIC~1\Corel
[2006-03-13|11:24] C:\DOCUME~1\CAMILL~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\CAMILL~1\APPLIC~1\CyberLink
[2008-01-12|09:42] C:\DOCUME~1\CAMILL~1\APPLIC~1\eBay
[2006-07-23|17:05] C:\DOCUME~1\CAMILL~1\APPLIC~1\FunWebProducts
[2006-09-15|20:10] C:\DOCUME~1\CAMILL~1\APPLIC~1\Google
[2006-04-27|19:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Help
[2006-04-16|23:28] C:\DOCUME~1\CAMILL~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\CAMILL~1\APPLIC~1\Identities
[2007-07-05|18:10] C:\DOCUME~1\CAMILL~1\APPLIC~1\IMVU
[2006-08-12|22:26] C:\DOCUME~1\CAMILL~1\APPLIC~1\Inspiration Software
[2007-03-03|09:56] C:\DOCUME~1\CAMILL~1\APPLIC~1\InstallShield
[2007-07-12|19:57] C:\DOCUME~1\CAMILL~1\APPLIC~1\LimeWire
[2006-02-25|11:29] C:\DOCUME~1\CAMILL~1\APPLIC~1\Lionhead Studios
[2007-05-04|13:22] C:\DOCUME~1\CAMILL~1\APPLIC~1\Macromedia
[2007-12-05|17:52] C:\DOCUME~1\CAMILL~1\APPLIC~1\Microsoft
[2008-12-27|00:21] C:\DOCUME~1\CAMILL~1\APPLIC~1\OpenOffice.org2
[2008-07-19|10:03] C:\DOCUME~1\CAMILL~1\APPLIC~1\PlayFirst
[2006-07-14|14:18] C:\DOCUME~1\CAMILL~1\APPLIC~1\Sun
[2008-07-04|01:04] C:\DOCUME~1\CAMILL~1\APPLIC~1\Symantec
[2006-03-07|09:32] C:\DOCUME~1\CAMILL~1\APPLIC~1\Template
[2008-05-08|19:33] C:\DOCUME~1\CAMILL~1\APPLIC~1\WinRAR


[2007-11-24|05:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[2006-02-22|04:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[2005-06-04|06:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2005-06-04|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2006-12-09|11:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2008-08-09|10:49] C:\DOCUME~1\MARIOG~1\APPLIC~1\Adobe
[2007-05-09|05:45] C:\DOCUME~1\MARIOG~1\APPLIC~1\AdobeUM
[2008-04-02|09:11] C:\DOCUME~1\MARIOG~1\APPLIC~1\Apple Computer
[2006-11-26|10:06] C:\DOCUME~1\MARIOG~1\APPLIC~1\Corel
[2006-11-19|10:13] C:\DOCUME~1\MARIOG~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\MARIOG~1\APPLIC~1\CyberLink
[2008-02-14|10:16] C:\DOCUME~1\MARIOG~1\APPLIC~1\eBay
[2007-03-25|12:06] C:\DOCUME~1\MARIOG~1\APPLIC~1\EPSON
[2006-10-15|09:27] C:\DOCUME~1\MARIOG~1\APPLIC~1\Google
[2007-05-20|22:14] C:\DOCUME~1\MARIOG~1\APPLIC~1\Help
[2006-11-19|15:41] C:\DOCUME~1\MARIOG~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\MARIOG~1\APPLIC~1\Identities
[2006-04-08|07:59] C:\DOCUME~1\MARIOG~1\APPLIC~1\Lavasoft
[2006-03-21|18:33] C:\DOCUME~1\MARIOG~1\APPLIC~1\Macromedia
[2008-05-20|09:17] C:\DOCUME~1\MARIOG~1\APPLIC~1\Microsoft
[2007-04-14|09:57] C:\DOCUME~1\MARIOG~1\APPLIC~1\Sun
[2008-07-05|06:01] C:\DOCUME~1\MARIOG~1\APPLIC~1\Symantec
[2006-05-07|07:27] C:\DOCUME~1\MARIOG~1\APPLIC~1\Template

[2005-06-04|06:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2008-07-31|15:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[2008-05-16|09:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[2006-03-11|19:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[2007-07-27|13:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[2006-03-13|19:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[2007-02-17|11:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Atari
[2006-03-11|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Corel
[2006-03-11|20:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Corel Photo Album
[2006-02-22|04:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
[2008-01-11|13:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\eBay
[2007-03-25|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[2008-12-27|23:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[2006-04-07|20:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[2006-04-04|17:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\ICAClient
[2005-06-04|06:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[2006-08-19|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\IMVU
[2008-12-26|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Inspiration Software
[2008-08-31|10:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[2008-04-30|11:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Intuit Canada
[2008-12-27|19:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[2006-02-24|12:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[2008-08-27|21:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[2006-12-30|22:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lionhead Studios
[2006-02-24|22:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[2008-08-24|17:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[2008-12-26|11:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
[2006-09-24|09:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[2008-07-03|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[2006-02-24|23:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-12-30 10:43][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-29 20:00][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - proprietaire.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2008-12-31 19:29][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008-12-30 22:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-05 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2008-10-08|20:32] C:\Program Files\Adobe
[2005-11-21|08:06] C:\Program Files\Ahead
[2008-12-26|13:54] C:\Program Files\AirPort
[2008-08-07|13:25] C:\Program Files\Apple Software Update
[2006-03-13|19:31] C:\Program Files\ArcSoft
[2008-12-26|12:03] C:\Program Files\Bonjour
[2007-12-26|16:42] C:\Program Files\CEDP Stealer 6.0 for Messenger
[2006-04-04|17:41] C:\Program Files\Citrix
[2008-12-27|03:01] C:\Program Files\Common Files
[2005-06-04|06:35] C:\Program Files\ComPlus Applications
[2008-12-26|14:02] C:\Program Files\Corel
[2005-11-21|08:29] C:\Program Files\CyberLink
[2008-09-16|17:21] C:\Program Files\DIFX
[2006-04-08|13:40] C:\Program Files\directx
[2006-03-05|19:14] C:\Program Files\EA GAMES
[2008-01-11|12:26] C:\Program Files\eBay
[2006-02-24|12:48] C:\Program Files\EPSON
[2006-03-09|20:50] C:\Program Files\EPSON Print CD
[2006-08-12|22:26] C:\Program Files\Essai Inspiration 7.5 Français
[2008-12-27|19:50] C:\Program Files\Fichiers communs
[2008-12-27|23:41] C:\Program Files\Google
[2006-02-24|10:53] C:\Program Files\HighMAT CD Writing Wizard
[2006-04-02|17:35] C:\Program Files\Illustrate
[2008-04-30|11:52] C:\Program Files\ImpotRapide 2007
[2008-06-28|16:51] C:\Program Files\IMVU
[2008-12-26|14:10] C:\Program Files\Incomplete
[2008-12-26|12:48] C:\Program Files\InstallShield Installation Information
[2005-06-04|06:41] C:\Program Files\Intel
[2005-06-04|06:47] C:\Program Files\Intel Audio Studio
[2008-12-27|17:17] C:\Program Files\Internet Explorer
[2008-08-07|13:22] C:\Program Files\iPod
[2008-08-07|13:23] C:\Program Files\iTunes
[2008-12-26|12:43] C:\Program Files\Java
[2006-03-03|21:28] C:\Program Files\Kyodai Mahjongg 2006
[2008-12-27|19:51] C:\Program Files\Lavasoft
[2008-12-19|12:59] C:\Program Files\LimeWire
[2008-12-30|14:53] C:\Program Files\Logiciels
[2006-02-25|00:41] C:\Program Files\Logitech
[2008-09-08|19:52] C:\Program Files\Messenger
[2006-04-29|16:21] C:\Program Files\MessengerPlus! 3
[2005-11-14|15:06] C:\Program Files\Microsoft
[2007-09-14|02:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005-06-04|06:37] C:\Program Files\microsoft frontpage
[2008-04-23|13:32] C:\Program Files\Microsoft IntelliPoint
[2008-04-23|13:29] C:\Program Files\Microsoft IntelliType Pro
[2008-06-18|17:35] C:\Program Files\Microsoft Office
[2008-09-11|02:02] C:\Program Files\Microsoft Works
[2005-11-14|15:13] C:\Program Files\Microsoft.NET
[2008-09-08|19:52] C:\Program Files\Movie Maker
[2008-06-18|17:34] C:\Program Files\MSECache
[2006-02-26|22:22] C:\Program Files\MSN
[2008-12-26|12:39] C:\Program Files\MSN Games
[2005-06-04|06:35] C:\Program Files\MSN Gaming Zone
[2008-05-07|22:41] C:\Program Files\MSN Messenger
[2006-02-24|10:58] C:\Program Files\MSXML 4.0
[2007-08-15|01:55] C:\Program Files\MSXML 6.0
[2008-09-08|19:48] C:\Program Files\NetMeeting
[2007-03-25|11:46] C:\Program Files\NewSoft
[2008-07-03|18:16] C:\Program Files\Norton Internet Security
[2008-10-08|21:20] C:\Program Files\NOS
[2005-06-04|06:35] C:\Program Files\Online Services
[2008-09-20|16:20] C:\Program Files\OpenOffice.org 2.4
[2008-09-08|19:48] C:\Program Files\Outlook Express
[2006-08-24|13:32] C:\Program Files\PhotoBrush
[2006-08-24|13:26] C:\Program Files\PhotoFiltre
[2006-03-12|18:46] C:\Program Files\PIXELA
[2008-07-04|00:14] C:\Program Files\QuickTime
[2007-04-17|06:55] C:\Program Files\RADVideo
[2006-03-07|21:10] C:\Program Files\ReflexiveArcade
[2006-03-07|21:12] C:\Program Files\Ricochet Xtreme
[2008-07-13|18:12] C:\Program Files\Safari
[2008-09-16|17:16] C:\Program Files\Samsung
[2008-08-31|10:51] C:\Program Files\Sandisk
[2005-06-04|06:36] C:\Program Files\Services en ligne
[2005-06-04|06:46] C:\Program Files\SigmaTel
[2008-12-26|12:34] C:\Program Files\Smiley Arcade
[2008-12-26|11:42] C:\Program Files\Sony
[2006-03-13|15:01] C:\Program Files\Sony Corporation
[2008-12-27|20:52] C:\Program Files\Spybot - Search & Destroy
[2008-07-04|07:46] C:\Program Files\Symantec
[2007-10-07|11:13] C:\Program Files\SystemRequirementsLab
[2006-05-09|16:37] C:\Program Files\Teamspeak2_RC2
[2007-02-27|22:07] C:\Program Files\THQ
[2008-12-29|16:46] C:\Program Files\Trend Micro
[2005-06-04|06:39] C:\Program Files\Uninstall Information
[2006-04-04|17:41] C:\Program Files\UniPrint
[2006-02-24|10:57] C:\Program Files\UPHClean
[2006-03-05|23:20] C:\Program Files\Web Publish
[2006-02-24|10:53] C:\Program Files\Windows Journal Viewer
[2008-05-07|22:57] C:\Program Files\Windows Live
[2007-12-01|11:26] C:\Program Files\Windows Live Favorites
[2008-12-28|13:46] C:\Program Files\Windows Live Safety Center
[2007-12-01|11:27] C:\Program Files\Windows Live Toolbar
[2006-12-10|13:41] C:\Program Files\Windows Media Connect 2
[2008-09-08|19:48] C:\Program Files\Windows Media Player
[2008-09-08|19:48] C:\Program Files\Windows NT
[2008-07-03|17:34] C:\Program Files\Windows Sidebar
[2005-06-04|06:36] C:\Program Files\WindowsUpdate
[2008-04-04|20:53] C:\Program Files\WinRAR
[2007-10-07|10:41] C:\Program Files\WinZip
[2005-06-04|06:37] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2008-10-08|20:34] C:\Program Files\Fichiers communs\Adobe
[2005-11-21|08:04] C:\Program Files\Fichiers communs\Ahead
[2008-04-30|11:02] C:\Program Files\Fichiers communs\AnswerWorks 4.0
[2007-07-16|00:52] C:\Program Files\Fichiers communs\Apple
[2007-12-23|21:56] C:\Program Files\Fichiers communs\ArcSoft
[2006-03-11|18:00] C:\Program Files\Fichiers communs\Corel
[2005-11-14|15:14] C:\Program Files\Fichiers communs\DESIGNER
[2006-03-13|18:05] C:\Program Files\Fichiers communs\element5 Shared
[2006-03-11|17:46] C:\Program Files\Fichiers communs\InstallShield
[2006-05-01|13:32] C:\Program Files\Fichiers communs\Intuit
[2006-07-03|01:38] C:\Program Files\Fichiers communs\Java
[2006-02-25|00:41] C:\Program Files\Fichiers communs\Logitech
[2008-08-22|02:05] C:\Program Files\Fichiers communs\Microsoft Shared
[2005-06-04|06:36] C:\Program Files\Fichiers communs\MSSoap
[2006-03-13|15:01] C:\Program Files\Fichiers communs\muvee Technologies
[2005-06-04|08:32] C:\Program Files\Fichiers communs\ODBC
[2005-06-04|06:36] C:\Program Files\Fichiers communs\Services
[2005-06-04|08:32] C:\Program Files\Fichiers communs\SpeechEngines
[2008-12-31|19:26] C:\Program Files\Fichiers communs\Symantec Shared
[2008-09-08|19:48] C:\Program Files\Fichiers communs\System
[2008-05-07|22:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-12-27|19:50] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 86 Processes )

MsgPlus.exe ~ [PID:2784]
MsgPlus.exe ~ [PID:1788]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\PROPRI~1\Cookies\proprietaire@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 20:16:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:72][D:75]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:509][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:6271][D:27]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2008-12-30|14:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-12-30|15:12 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 2008-12-30|15:28 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 2008-12-30|15:49 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 2008-12-30|15:54 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 2008-12-30|15:58 - Option : [1]
7 - "C:\Lop SD\LopR_7.txt" - 2008-12-30|18:17 - Option : [1]
8 - "C:\Lop SD\LopR_8.txt" - 2008-12-30|20:27 - Option : [1]
9 - "C:\Lop SD\LopR_9.txt" - 2008-12-31|20:17 - Option : [2]

--------------------\\ Fin du rapport a 20:17:49
1 January 2009 21:39:45

Good evening linedeca,

1) Download:
CCleaner 2.15.815 - Slim : http://www.ccleaner.com/download/builds.aspx
Launch it, then click Options > Advanced and uncheck "Only delete files in Windows Temp folders older than 48 hours". Leave it with its default settings and close the program for now.
Tutorial: http://www.infos-du-net.com/telecharger/CCleaner,0301-1...

Malwarebytes' Anti-Malware:
http://www.besttechie.net/tools/mbam-setup.exe
Launch it and, once the executable has downloaded, double-click mbam-setup.exe; the installation starts. Let the wizard guide you: choice of language, licence acceptance, default folder... Remember to tick the "Create a desktop icon" box. You are now at the end of the installation; close the program for now.

2) Restart in safe mode:
See under letter D: http://forum.pcastuces.com/sujet.asp?f=25&s=3902
You will need to choose your usual session, not the Administrator account or any other.
Important: from step 3 onward you will no longer have Internet access. Copy the rest of the instructions into a text file on your desktop.

3) Launch Malwarebytes' Anti-Malware:
Tutorial: http://www.infos-du-net.com/forum/278396-11-tuto-malwar...

4) Launch: CCleaner
In the Cleaner menu, click Analyze (let it work; this can take a long time the first time).
Then click the Run Cleaner button.
Do this several times in a row, then close CCleaner.

5) Restart in normal mode:
Post the Malwarebytes' Anti-Malware report.

See you later and best wishes ;).
2 January 2009 22:54:50

Good evening frederix,

Thank you for your help, and happy new year to everyone!

Here is the Malwarebytes' Anti-Malware log, as requested:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1596
Windows 5.1.2600 Service Pack 3

2009-01-02 15:44:00
mbam-log-2009-01-02 (15-44-00).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 282483
Temps écoulé: 3 hour(s), 0 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7bf9f344-72cf-344a-9d1b-3b7d25c37d34} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7bf9f344-72cf-344a-9d1b-3b7d25c37d34} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{db893839-10f0-4af9-92fa-b23528f530af} (Dialer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-0000-0000-0000-000020040000} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{792e3825-9020-3cb8-b24e-6ede0548bd6e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a5ad95ca-64c3-3a72-afc2-9b784311178d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7bf9f344-72cf-344a-9d1b-3b7d25c37d34} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videosoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\xsl27629.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\monhftd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msiconf.exe (Trojan.Peed) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sl27629.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msqpdxjlylkxys.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\msqpdxodjtyqkl.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxuuhabqlc.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alcé-David Gagné\age2_x1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.


3 Janvier 2009 00:37:14

Bonsoir linedeca,

dés que vous ouvrez une page Internet, vous vous retrouvez envahi(e) de fenêtres publicitaires nommées CiD, vous proposant de télécharger divers programmes, et vous ne savez plus quoi faire pour vous en débarrasser ? … Ces fenêtres révèlent en réalité la présence de l’adware Lop responsable de cette publicité intempestive dont vous êtes victime.
...
Cet adware s’installe lors de l’installation des logiciels suivants, en contrepartie de leur dite « gratuité » :

* Sponsors MSN plus !
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
* ...
...
En revanche, seul MSN plus ! propose explicitement à l’internaute d’installer ou non le sponsor (responsable de cette publicité abusive). Et par la suite, permettre de désinstaller facilement le sponsor en question.
...
"POLITIQUE DE PROTECTION DE LA VIE PRIVÉE"

CiD vous fournit le produit logiciel (le « logiciel ») gratuitement ou à un prix réduit en échange de votre acceptation à recevoir des messages publicitaires et promotionnels livrés par CiD et des tiers à votre ordinateur basés en partie sur les
mots-clés des sites web que vous - ou tout autre utilisateur de l'ordinateur - visitez.
Le contenu complémentaire peut inclure des publicités, des promotions, des liens à des sites web tiers ou autres documentations livrés à votre ordinateur qui correspondent à ce qui vous intéresse, basés en partie sur des mots-clés trouvés sur les sites web que vous visitez. (...)"
...

For the other programs mentioned above it is different: uninstalling the p2p software will not remove the sponsor, because it is hidden in another program named "CiDhelp" (or "CiD-something" in some cases).

Note: most of the time, the advertising generated by the Lop adware itself offers further free programs to download, such as games, TV channels, radio stations, etc. … which, once downloaded, will in turn install other malware such as navipromo or the Instant Access dialer … which also generate ads! The result: a "cascading" infection that shows up as an invasion of ads of every kind!
First disinfection method: manual removal

* Boot into Safe Mode
* Open the Start menu
* Click Control Panel
* Choose Add/Remove Programs
* For MSN Plus!: simply uninstall the sponsor:

* For the p2p software listed above: find and remove the sponsor linked to CiD:
o Remove the following programs if present:
+ Cid help
+ Circle Developement
+ Adverts


http://www.commentcamarche.net/faq/sujet-5996-comment-b...

See you later ;).
3 January 2009 19:17:45

Good evening frederix,

I think my problems are solved; my computer seems stable.

The programs to remove are not present on my computer (Sponsor on Messenger Plus, CID Help, Circle developement, Adverts).

I also followed the suggested tutorial and ran:
- Another scan with LOP S&D
- CCleaner
- AVG Anti-Spyware (it detected and removed 118 items)
- BitDefender (it detected 3 items that were not removed)


Here is the report from the LOP S&D scan:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : proprietaire ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.0.0.60 (Activated)
Firewall : Norton Internet Security 15.0.0.60 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:28 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009-01-03| 0:29 )

--------------------\\ Listing des dossiers dans APPLIC~1


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-12-30 10:43][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-29 20:00][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - proprietaire.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2008-04-24 20:35][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2009-01-03 00:29][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2009-01-02 16:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-05 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files


--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 59 Processes )

MsgPlus.exe ~ [PID:1004]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-03 00:31:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:4][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:34][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:1318][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2008-12-30|14:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-12-30|15:12 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 2008-12-30|15:28 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 2008-12-30|15:49 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 2008-12-30|15:54 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 2008-12-30|15:58 - Option : [1]
7 - "C:\Lop SD\LopR_7.txt" - 2008-12-30|18:17 - Option : [1]
8 - "C:\Lop SD\LopR_8.txt" - 2008-12-30|20:27 - Option : [1]
9 - "C:\Lop SD\LopR_9.txt" - 2008-12-31|20:17 - Option : [2]
10 - "C:\Lop SD\LopR_10.txt" - 2009-01-03| 0:33 - Option : [1]

--------------------\\ Fin du rapport a 0:33:04

3 January 2009 19:51:01

linedeca said:
> I think my problems are solved; my computer seems stable.


Good evening linedeca,

> But that is not certain...

Disable your resident protections (only for the duration of the scan): http://forum.pcastuces.com/desactiver_les_protections_r...
Download Combofix.exe (by sUBs) to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.
Copy and paste that report into your next reply.

See you later, and have a good weekend ;).

4 January 2009 00:41:13


Good evening frederix,

Here is the report generated by combofix.exe:

ComboFix 09-01-02.01 - proprietaire 2009-01-03 18:07:13.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.510.192 [GMT -5:00]
Lancé depuis: c:\program files\Logiciels\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\chair.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\chair.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dirt2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dirt4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dishcart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\dishcart.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_on1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\drinkstation_on2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\ticketstation.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\furniture\ticketstation.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowdown.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowdownon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowleft.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowlefton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowright.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowrighton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\arrowupon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\p1icon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\textedit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\hiscore\title.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_1_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_2_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\endless_1_3_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\fifth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\first_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\fourth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\layouts\second_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\playfirst_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\background.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food1.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food2.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food3.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\food\food3.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\frames\upgrade_0001.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\2top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\tables\4top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\diner\upgrades.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\restaurants\tableshadow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\choosedifficulty.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\chooseplayer.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\chooserestaurant.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\credits.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\game.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\gothighscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\help.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\help2.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscoreinfo.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\hiscoresubmit.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\levelintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\levelover.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\loading.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\mainloop.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\mainmenu.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\ok.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\pause.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\style.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\tutorialintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\upgrade.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\upsell.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\webcomic.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\scripts\yesno.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\aol_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\gamelabsplash.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\splash\playfirst_logo.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\strings.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\angersmoke.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\angersmoke.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\chairflags.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\chairflags.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\check.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\checkmark.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\clock.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\closed.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\closingtime.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\coinflip.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\coinflip.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\dollar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\coffee.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\tables.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\doodles\wallpaper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\expert.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\expertscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\foodpoof.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\foodpoof.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\fork_timer.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\goalcompleted.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\heartgrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\heartgrow.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\jar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\jar.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\level.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\level_career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\score.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\sound.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\staroff.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\staron.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tablenumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tablenumberup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\traynumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorial_character.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorialarrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\tutorialbox.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgradeanim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgradeanim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\drinks.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\maitred.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\oven.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\select.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\shoes.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\stereo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\ui\upgrades\table.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\dinerdash.exe
c:\windows\Downloaded Program Files\setup.inf

----- BITS: Il y a peut-être des sites infectés -----

hxxp://i5i.in
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-03 au 2009-01-03 ))))))))))))))))))))))))))))))))))))
.

2009-01-03 12:26 . 2009-01-03 12:26 <REP> d-------- c:\documents and settings\Aimie Gagné\Application Data\Grisoft
2009-01-03 12:08 . 2009-01-03 11:58 17,923 --a------ C:\scanbitdefender2.html
2009-01-03 00:52 . 2009-01-03 00:52 <REP> d-------- c:\documents and settings\proprietaire\Application Data\Grisoft
2009-01-03 00:51 . 2009-01-03 00:51 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2009-01-03 00:51 . 2007-05-30 07:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
2009-01-02 12:16 . 2009-01-02 12:16 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-02 12:16 . 2009-01-02 12:16 <REP> d-------- c:\documents and settings\proprietaire\Application Data\Malwarebytes
2009-01-02 12:16 . 2009-01-02 12:16 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-02 12:16 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-02 12:16 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-02 12:14 . 2009-01-02 12:14 <REP> d-------- c:\program files\CCleaner
2008-12-30 14:51 . 2009-01-03 00:33 <REP> d-------- C:\Lop SD
2008-12-29 16:46 . 2008-12-29 16:46 <REP> d-------- c:\program files\Trend Micro
2008-12-28 13:45 . 2008-12-28 13:46 <REP> d-------- c:\program files\Windows Live Safety Center
2008-12-27 19:51 . 2008-12-27 19:51 <REP> d-------- c:\program files\Lavasoft
2008-12-27 19:51 . 2008-12-27 19:57 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-27 19:50 . 2008-12-27 19:50 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-12-27 17:03 . 2008-12-27 17:03 <REP> d-------- c:\windows\AU_Temp
2008-12-27 15:13 . 2008-12-27 19:35 <REP> d-------- c:\documents and settings\proprietaire\.housecall6.6
2008-12-27 15:01 . 2009-01-03 11:58 <REP> d-------- c:\windows\BDOSCAN8
2008-12-27 14:29 . 2008-12-27 17:03 40 --a------ c:\windows\TSC.INI
2008-12-27 14:27 . 2008-12-27 14:27 <REP> d-------- c:\windows\AU_Log
2008-12-27 14:27 . 2008-12-27 14:27 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-12-27 14:27 . 2008-12-27 14:27 286,720 --a------ c:\windows\PATCH.EXE
2008-12-27 14:27 . 2008-12-27 14:27 69,689 --a------ c:\windows\UNZIP.DLL
2008-12-27 13:56 . 2008-12-27 13:56 <REP> d-------- c:\windows\system32\Kaspersky Lab
2008-12-27 13:06 . 2008-12-28 12:42 357,768 --a------ c:\documents and settings\proprietaire\SymXPep2.dll
2008-12-27 05:30 . 2008-12-27 05:30 79 --a------ c:\windows\wininit.ini
2008-12-27 04:46 . 2008-12-27 20:52 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-12-27 04:46 . 2009-01-03 12:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-26 14:06 . 2008-12-26 14:06 <REP> d-------- c:\documents and settings\proprietaire\Application Data\Inspiration Software
2008-12-26 12:43 . 2006-12-15 02:09 49,265 --a------ c:\windows\system32\jpicpl32.cpl
2008-12-26 11:55 . 2008-12-26 11:55 <REP> d-------- c:\documents and settings\proprietaire\Application Data\Sony Corporation
2008-12-26 11:42 . 2006-11-02 16:57 118,520 --a------ c:\windows\system32\PxInsI64.exe
2008-12-26 11:42 . 2006-10-18 19:43 115,960 --a------ c:\windows\system32\PxCpyI64.exe
2008-12-26 11:42 . 2006-08-28 21:48 2,560 --a------ c:\windows\system32\drivers\cdralw2k.sys
2008-12-26 11:42 . 2006-08-28 21:48 2,432 --a------ c:\windows\system32\drivers\cdr4_xp.sys
2008-12-04 21:18 . 2008-12-04 21:18 <REP> d-------- c:\documents and settings\Aimie Gagné\Application Data\SanDisk

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-03 23:20 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-01-03 22:49 --------- d-----w c:\program files\Logiciels
2009-01-03 22:26 --------- d-----w c:\documents and settings\All Users\Application Data\WholeSecurity
2009-01-03 21:09 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-01-03 17:38 --------- d-----w c:\documents and settings\Aimie Gagné\Application Data\OpenOffice.org2
2008-12-28 04:41 --------- d-----w c:\program files\Google
2008-12-28 00:37 --------- d-----w c:\documents and settings\proprietaire\Application Data\Lavasoft
2008-12-27 08:01 --------- d-----w c:\program files\Common Files
2008-12-27 05:21 --------- d-----w c:\documents and settings\Camille Gagné\Application Data\OpenOffice.org2
2008-12-26 21:00 --------- d-----w c:\documents and settings\Camille Gagné\Application Data\ArcSoft
2008-12-26 19:10 --------- d-----w c:\program files\Incomplete
2008-12-26 19:02 --------- d-----w c:\program files\Corel
2008-12-26 18:54 --------- d-----w c:\program files\AirPort
2008-12-26 17:48 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-26 17:43 --------- d-----w c:\program files\Java
2008-12-26 17:39 --------- d-----w c:\program files\MSN Games
2008-12-26 17:34 --------- d-----w c:\program files\Smiley Arcade
2008-12-26 17:03 --------- d-----w c:\program files\Bonjour
2008-12-26 16:42 --------- d-----w c:\program files\Sony
2008-12-19 17:59 --------- d-----w c:\program files\LimeWire
2008-11-20 13:19 9,076 ----a-w c:\documents and settings\Camille Gagné\Application Data\wklnhst.dat
2008-11-10 18:14 123,968 ----a-w c:\documents and settings\Aimie Gagné\Application Data\GDIPFONTCACHEV1.DAT
2008-11-04 00:55 3,044 ----a-w c:\documents and settings\Aimie Gagné\Application Data\ViewerApp.dat
2008-10-27 15:01 3,468 ----a-w c:\documents and settings\Mario Gagné\Application Data\wklnhst.dat
2008-09-04 00:08 118,632 ----a-w c:\documents and settings\proprietaire\Application Data\GDIPFONTCACHEV1.DAT
2008-08-26 19:36 4,764 ----a-w c:\documents and settings\proprietaire\Application Data\wklnhst.dat
2008-06-17 01:33 560 ----a-w c:\documents and settings\Camille Gagné\Application Data\ViewerApp.dat
2008-04-25 22:33 2,496 ----a-w c:\documents and settings\Aimie Gagné\Application Data\wklnhst.dat
2008-01-25 12:46 836 ----a-w c:\documents and settings\proprietaire\Application Data\ViewerApp.dat
2006-11-25 14:41 560 ----a-w c:\documents and settings\Mario Gagné\Application Data\ViewerApp.dat
2008-09-09 01:28 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090820080909\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
"NBJ"="c:\progra~1\Ahead\NEROBA~1\NBJ.exe" [2005-04-14 1957888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-25 94208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-25 114688]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2005-04-08 7081984]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"BackgroundSwitcher"="c:\windows\system32\bgswitch.exe" [2001-10-19 19520]
"EPSON Stylus Photo R300 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE" [2003-06-03 99840]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"UniPrint"="c:\progra~1\UniPrint\Client\SetDfltSettings.exe" [2004-02-20 90112]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-04-29 190024]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-17 81920]
"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-10 652528]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2007-08-31 988584]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-24 714608]
"AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2008-05-20 737280]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 75520]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"ISUSPM Startup"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"Ink Monitor"="c:\program files\EPSON\Ink Monitor\InkMonitor.exe" [2003-05-04 258116]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-25 77824]
"FastUser"="c:\windows\system32\fast.exe" [2001-10-19 49216]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"nwiz"="nwiz.exe" [2007-09-17 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SymLnch"="c:\documents and settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" [2007-08-26 687976]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Aimie Gagné\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

c:\documents and settings\Camille Gagné\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

c:\documents and settings\proprietaire\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-12-26 385024]
wkcalrem.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2005-08-19 21504]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
WinCinema Manager.lnk - c:\program files\Sandisk\Common\Bin\WinCinemaMgr.exe [2006-12-23 303104]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2006-03-13 151552]
Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2006-03-13 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=MsgPlusLoader.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe]
"Debugger"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\AirPort\\APAgent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:UDP"= 5353:UDP:Bonjour

R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-05-29 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-28 99376]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Fichiers communs\Symantec Shared\CCSVCHST.EXE [2007-08-24 149352]
S3 IAMTXP;Pilote de la technologie d’administration active Intel(R) - KCS;c:\windows\system32\drivers\IAMTXP.sys [2005-06-04 38528]

*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-04-25 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 14:01]

2008-04-25 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2007-08-31 14:13]

2008-12-30 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - proprietaire.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 12:19]

2009-01-03 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKU-Default-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www2.canoe.com/index.html
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Rechercher sur eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Camille Gagné\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk

c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf

c:\windows\Downloaded Program Files\ddfotg.1.0.0.33.dll - O16 -: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19}
hxxp://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/diner_dash_flo_on_the_go/ddfotg.1.0.0.33.cab
c:\windows\Downloaded Program Files\ddfotg.1.0.0.33.inf

c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.dll - O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6}
hxxp://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/diner_dash/DinerDash.1.0.0.80.cab
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.inf

c:\windows\system32\msvcrt.dll - c:\windows\system32\snbdpl1.dll
c:\windows\system32\snbd10dm.dll
c:\windows\system32\igsnrn22.dll
c:\windows\system32\igsnpb22.dll
c:\windows\system32\igsnol22.dll
c:\windows\system32\igsncm22.dll
c:\windows\system32\browser.exa
c:\windows\system32\Acgm.Dll
O16 -: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7}
hxxp://geo.ville.quebec.qc.ca/carte_int/acgm.cab
c:\windows\Downloaded Program Files\acgm.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-03 18:20:36
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(952)
c:\windows\system32\MsgPlusLoader.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'lsass.exe'(1012)
c:\windows\system32\MsgPlusLoader.dll
.
Heure de fin: 2009-01-03 18:23:34
ComboFix-quarantined-files.txt 2009-01-03 23:23:31

Avant-CF: 30 424 039 424 octets libres
Après-CF: 32,140,734,464 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

556
4 January 2009 20:59:25

Good evening frederix,

Here is the BitDefender report you asked for:

BitDefender Online Scanner

Rapport d'analyse généré à: Sun, Jan 04, 2009 - 14:30:22

Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

Statistiques
Temps: 01:33:02
Fichiers: 129975
Directoires: 16191
Secteurs de boot: 0
Archives: 2911
Paquets programmes: 13473

Résultats
Virus identifiés: 2
Fichiers infectés: 3
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 0

Info sur les moteurs
Définition virus: 2404792
Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins: 17
Archive des plugins: 45
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 4

Paramètres d'analyse
Première action: Message
Seconde Action: Aucun
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé / Statut

C:\Program Files\Common Files\Ndm399a2rL.exe
Infecté par: Trojan.Agent.ALPJ

C:\System Volume Information\_restore{27A4D2E7-33DB-43AB-9573-75FD09F284D3}\RP1011\A1417322.dll
Infecté par: Backdoor.Generic.139787

C:\System Volume Information\_restore{27A4D2E7-33DB-43AB-9573-75FD09F284D3}\RP1012\A1417353.dll
Infecté par: Trojan.Agent.ALPJ

5 January 2009 03:41:08

:hello: linedeca,

post a new HijackThis report...

See you later ;).

PS: How is your PC doing?
5 January 2009 07:16:52

Good evening frederix,

My PC is doing very well. I think the problems are all solved.

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:12:19, on 2009-01-05
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Citrix\Client ICA\ssonsvr.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
C:\WINDOWS\system32\fast.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.canoe.com/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UniPrint] C:\PROGRA~1\UniPrint\Client\SetDfltSettings.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [NBJ] "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe"
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [2 draw] C:\DOCUME~1\ALC-DA~1\APPLIC~1\MAGSME~1\find mfcd bait.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [vchideglobalmemo] C:\Documents and Settings\All Users\Application Data\popmediavchide\math win.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Aimie Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1008\..\Run: [msiexec.exe] msiconf.exe (User 'Aimie Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1008\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Aimie Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1009\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Camille Gagné')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-656895588-2562885984-601848032-1008 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Aimie Gagné')
O4 - S-1-5-21-656895588-2562885984-601848032-1008 User Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Aimie Gagné')
O4 - S-1-5-21-656895588-2562885984-601848032-1009 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Camille Gagné')
O4 - S-1-5-21-656895588-2562885984-601848032-1009 User Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User 'Camille Gagné')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Camille Gagné\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://extranet.inalco.com/install/Install/isetupml.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://geo.ville.quebec.qc.ca/carte_int/acgm.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 18358 bytes


6 January 2009 00:07:54

Good evening linedeca,

launch HijackThis and close all program windows.

Make sure it will make backups: in Config, tick Make backups before fixing items, then click the Back button. Next, click the Do a system scan only button and tick the boxes in front of the lines below:

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\proprietaire\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [2 draw] C:\DOCUME~1\ALC-DA~1\APPLIC~1\MAGSME~1\find mfcd bait.exe (User 'Alcé-David Gagné')
O4 - HKUS\S-1-5-21-656895588-2562885984-601848032-1007\..\Run: [vchideglobalmemo] C:\Documents and Settings\All Users\Application Data\popmediavchide\math win.exe (User 'Alcé-David Gagné')
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://extranet.inalco.com/install [...] etupml.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://msnfr.oberon-media.com/onli [...] 0.0.33.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/onli [...] 0.0.80.cab

Then click Fix checked.

You need to update your Java runtime (otherwise you risk a security hole):
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6u11 and, on the next page, tick I agree and download Windows Offline Installation, Multi-language/jre-6u11-windows-i586-p.exe/15.42 MB
Install it with the browser closed and, in Add/Remove Programs, remove all the other versions.

See you later ;).
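
One way to check a follow-up HijackThis log against a fix list like the one in the post above, as an added example (not part of the original posts and not HijackThis code). Entries are matched on a stable key (CLSID, or hive plus value name) because the forum truncates URLs and the same program can appear under a short or long path; the sample lines, CLSIDs and names are constructed.

```python
import re

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^(R[0-3]|F[0-3]|O\d{1,2})\s+-\s+(.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# O4 registry autorun: "<hive>\..\<Run key>: [value name] command"
O4_REG_RE = re.compile(r"^(?P<hive>HK\S+?)\\\.\.\\(?P<key>\w+):\s*\[(?P<name>[^\]]*)\]")
# O4 startup-folder shortcut: "[<SID> ][User |Global ]Startup: name.lnk = target"
O4_LNK_RE = re.compile(r"^(?P<where>.*?Startup):\s*(?P<name>.+?)\s*=")
O23_RE = re.compile(r"^Service:\s*(?P<name>.+?)\s+-\s")


def entry_key(section, body):
    """Reduce one log entry to the part that identifies it on the machine.

    Paths, arguments and URLs are left out on purpose: they get truncated
    when pasted into a forum ("[...]", "...") and may switch between 8.3
    and long form, so comparing whole lines gives false "fixed" results.
    """
    if section == "O4":
        m = O4_REG_RE.match(body)
        if m:
            return (section, m["hive"].upper(), m["key"].upper(), m["name"].lower())
        m = O4_LNK_RE.match(body)
        if m:
            return (section, m["where"].lower(), m["name"].lower())
    if section == "O23":
        m = O23_RE.match(body)
        if m:
            return (section, m["name"].lower())
    m = CLSID_RE.search(body)
    if m:  # O2, O3, O9, O16, O18 entries carry a CLSID
        return (section, m.group(0).upper())
    # Fallback (R0/R1 and anything else): whitespace-normalised body.
    return (section, " ".join(body.lower().split()))


def parse_log(text):
    """Return {key: raw line} for every entry line; headers and the
    'Running processes' block do not match LINE_RE and are skipped."""
    entries = {}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            entries.setdefault(entry_key(m.group(1), m.group(2)), raw.strip())
    return entries


def still_present(fix_list, after_log):
    """Lines from the fix list whose entry still exists in the later log."""
    after = parse_log(after_log)
    return [line for key, line in parse_log(fix_list).items() if key in after]


# Constructed fix list, with a forum-truncated URL in the O16 line.
FIX_LIST = r"""
O2 - BHO: Example Toolbar Helper - {AAAAAAAA-1111-2222-3333-444444444444} - C:\Program Files\Example Toolbar\extb.dll
O4 - HKLM\..\Run: [ExampleAgent] "C:\Program Files\Example\agent.exe"
O4 - HKUS\S-1-5-21-1111111111-2222222222-3333333333-1007\..\Run: [rand name] C:\Documents and Settings\All Users\Application Data\exampledir\rand name.exe (User 'user1')
O16 - DPF: {BBBBBBBB-1111-2222-3333-444444444444} (Example Control) - http://downloads.example.invalid/onli [...] 0.0.33.cab
"""

# Constructed follow-up log: two of the four entries survived the fix,
# written differently (case, 8.3 path, other truncation style).
AFTER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe

O2 - BHO: Other Helper - {CCCCCCCC-1111-2222-3333-444444444444} - C:\Program Files\Other\helper.dll
O4 - HKLM\..\Run: [exampleagent] C:\PROGRA~1\Example\agent.exe -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {bbbbbbbb-1111-2222-3333-444444444444} (Example Control) - http://downloads.example.invalid/online2/ctl...
O23 - Service: Example Service - Example Corp - C:\Program Files\Example\svc.exe
"""

if __name__ == "__main__":
    for line in still_present(FIX_LIST, AFTER_LOG):
        print("still present:", line)
```

An entry listed under `HKUS\<SID>` only shows up while that user's registry hive is loaded, so its absence from a later log taken under another account does not by itself prove the value was deleted.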
8 January 2009 22:57:36

Good evening frederix,

Thank you for your help.

The update of my Java runtime is done.
Here is the HijackThis report after fixing the requested items:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:24, on 2009-01-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Citrix\Client ICA\ssonsvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.canoe.com/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UniPrint] C:\PROGRA~1\UniPrint\Client\SetDfltSettings.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Camille Gagné\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://geo.ville.quebec.qc.ca/carte_int/acgm.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 13633 bytes
8 January 2009 23:29:53

Good evening linedeca,

If you think you no longer have any problems, OK...

* I recommend defragmenting your PC: http://www.coupdepoucepc.com/modules/news/article.php?s...
* It is strongly recommended to keep all your security software up to date, in order to avoid the vulnerabilities through which infections get in.
* You can remove all the tools we used (Lop S&D, Combofix...), which deal with specific infections and are updated regularly. There is no point keeping them on your PC.
* You can, however, keep Malwarebytes' Anti-Malware and CCleaner.

=========================================================================

Now that your PC is no longer infected, disable System Restore in order to create a clean restore point.
To disable or enable System Restore, you must be logged on as an Administrator under Windows XP.

Disabling: Right-click My Computer > Properties, System Restore tab, and tick the box Turn off System Restore on all drives
Apply > OK

Enabling: Follow the same path, untick the box Turn off System Restore on all drives
Apply > OK, then restart the computer.

=========================================================================

To improve the security of your PC, take a few moments to read: http://forum.pcastuces.com/prevention_et_protection___c...

==========================================================================

Report your infection to help get the authors convicted.
Post a message on Malware-Complaints to help move things forward, because there need to be as many of us as possible; report your infection:

- See the forum rules: http://www.malwarecomplaints.info/viewtopic.php?t=5
- After registering using the button at the top named Register
If you are over 13, choose I Agree to these terms and am over or exactly 13 years of age
If you are younger, click I Agree to these terms and am under 13 years of age

You will then see, as a list, one topic per type of infection.
Your infections: Lop...

If the malware you had does not appear in the list, or if you do not know what you were infected with, post a message in the Autres infections (Other infections) topic, in line with the forum rules (age, town, département...)
Also mention the name of the forum that helped you, Idn Sécurité

============================================================================

Please mark your topic as (Resolved)
Stay safe on the Internet and tell the people around you about Idn!

See you later ;).
10 January 2009 03:42:40

Good evening frederix,

Thank you for your help; thanks to you I was able to avoid reformatting!