win32:trojan-gen{other} and BV:Malware-gen

19 November 2008 00:13:07

Good evening,
Yesterday avast detected a worm, which I could neither quarantine nor delete. I scheduled a boot-time scan but nothing was found. I went into the avast log, and yesterday win32:trojan-gen and bv:malware-gen showed up there. I then looked at the forums where the problem is similar, so I am sending what I know. :??:

HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:32, on 18/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [OPEN META AMOK README] C:\Documents and Settings\All Users\Application Data\compatomopenmeta\BYTEFOR.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (User '?')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (User '?')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe (User '?')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?')
O4 - HKUS\S-1-5-21-1425378814-3513041143-3647909058-1008\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - S-1-5-21-1425378814-3513041143-3647909058-1008 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User '?')
O4 - S-1-5-21-1425378814-3513041143-3647909058-1008 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User '?')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://addict-aym.spaces.live.com//PhotoUpload/MsnPUpld...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 18278 bytes


:sarcastic: 


19 November 2008 13:50:21

Hello
You should not have downloaded BitDownload... it is a fake program.
Download Toolbar S&D from Team IDN to your desktop.

  • Double-click it to start the installation.
  • Accept the license agreement.
  • Then double-click the Toolbar S&D shortcut on your desktop.
  • Select the language you want and confirm with the Enter key.
  • Choose option 1 ( Recherche ).
  • Wait until the scan finishes.
  • Post the generated report. ( C:\TB.txt )

    19 November 2008 19:58:51

    Here is the report:


    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NORIOM ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081119-0] 4.8.1229 (Activated)
    B:\ (USB)
    C:\ (Local Disk) - NTFS - Total:179 Go (Free:2 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
    E:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD)
    W:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( 19/11/2008|19:55 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\NORIOM\APPLIC~1\FunWebProducts
    C:\DOCUME~1\NORIOM\APPLIC~1\FunWebProducts\Data
    C:\Program Files\FunWebProducts
    C:\Program Files\FunWebProducts\ScreenSaver
    C:\Program Files\FunWebProducts\Shared
    C:\DOCUME~1\NORIOM\Cookies\noriom@hotbar[2].txt
    C:\Program Files\Multi_Media_France
    C:\Program Files\Multi_Media_France\INSTALL.LOG
    C:\Program Files\Multi_Media_France\tbMul1.dll
    C:\Program Files\Multi_Media_France\tbMult.dll
    C:\Program Files\Multi_Media_France\toolbar.cfg
    C:\Program Files\Multi_Media_France\UNWISE.EXE
    C:\Program Files\Multi_Media_France\UNWISE.INI
    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar
    C:\Program Files\MyWebSearch\SrchAstt
    C:\DOCUME~1\NORIOM\Cookies\noriom@mywebsearch[2].txt
    C:\Program Files\PlayMP3z
    C:\Program Files\PlayMP3z\uninstall.exe
    C:\DOCUME~1\NORIOM\MENUDM~1\PROGRA~1\PlayMP3z
    C:\DOCUME~1\aymeric\APPLIC~1\ShoppingReport
    C:\DOCUME~1\aymeric\APPLIC~1\ShoppingReport\cs
    C:\DOCUME~1\HP_ADM~1\APPLIC~1\ShoppingReport
    C:\DOCUME~1\HP_ADM~1\APPLIC~1\ShoppingReport\cs
    C:\DOCUME~1\NORIOM\APPLIC~1\ShoppingReport
    C:\DOCUME~1\NORIOM\APPLIC~1\ShoppingReport\cs
    C:\Program Files\ShoppingReport
    C:\Program Files\ShoppingReport\Bin
    C:\Program Files\ShoppingReport\cs
    C:\Program Files\ShoppingReport\Uninst.exe
    C:\WINDOWS\System32\f3PSSavr.scr
    C:\Program Files\Internet Explorer\msimg32.dll
    C:\Program Files\MSN Messenger\riched20.dll
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\tem12.tmp.exe
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsa22.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsa51.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsf24.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsf25.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsg55.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsk21.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsl4F.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsl50.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq23.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq52.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq53.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq54.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsv20.tmp
    C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsv26.tmp
    20 November 2008 17:58:25

    Good evening
    Next time, please post the whole report
    Run Toolbar S&D again

  • This time choose option 2. ( Suppression )
    Your desktop will disappear, that is normal. Let the tool work.
  • Do not close the window during the deletion!
  • Post the generated report. ( C:\TB.txt )

    20 November 2008 20:28:32

    Good evening; here is the report for the second solution (deletion (2))


    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NORIOM ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081119-0] 4.8.1229 (Activated)
    B:\ (USB)
    C:\ (Local Disk) - NTFS - Total:179 Go (Free:2 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
    E:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD) - UDF - Total:3 Go (Free:0 Go)
    W:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [2] ( 20/11/2008|20:10 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\NORIOM\APPLIC~1\FunWebProducts\Data
    Supprime! - C:\Program Files\FunWebProducts\ScreenSaver
    Supprime! - C:\Program Files\FunWebProducts\Shared
    Supprime! - C:\DOCUME~1\NORIOM\Cookies\noriom@hotbar[2].txt
    Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
    Supprime! - C:\Program Files\Multi_Media_France\tbMul1.dll
    Supprime! - C:\Program Files\Multi_Media_France\tbMult.dll
    Supprime! - C:\Program Files\Multi_Media_France\toolbar.cfg
    Supprime! - C:\Program Files\Multi_Media_France\UNWISE.EXE
    Supprime! - C:\Program Files\Multi_Media_France\UNWISE.INI
    Echec ! - C:\Program Files\MyWebSearch\bar
    Supprime! - C:\Program Files\MyWebSearch\SrchAstt
    Supprime! - C:\DOCUME~1\NORIOM\Cookies\noriom@mywebsearch[2].txt
    Supprime! - C:\Program Files\PlayMP3z\uninstall.exe
    Supprime! - C:\DOCUME~1\NORIOM\MENUDM~1\PROGRA~1\PlayMP3z
    Supprime! - C:\DOCUME~1\aymeric\APPLIC~1\ShoppingReport\cs
    Supprime! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\ShoppingReport\cs
    Supprime! - C:\DOCUME~1\NORIOM\APPLIC~1\ShoppingReport\cs
    Supprime! - C:\Program Files\ShoppingReport\Bin
    Supprime! - C:\Program Files\ShoppingReport\cs
    Supprime! - C:\Program Files\ShoppingReport\Uninst.exe
    Supprime! - C:\WINDOWS\System32\f3PSSavr.scr
    Supprime! - C:\Program Files\Internet Explorer\msimg32.dll
    Supprime! - C:\Program Files\MSN Messenger\riched20.dll
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\tem12.tmp.exe
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsa22.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsa51.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsf24.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsf25.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsg55.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsk21.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsl4F.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsl50.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq23.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq52.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq53.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsq54.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsv20.tmp
    Supprime! - C:\DOCUME~1\NORIOM\LOCALS~1\Temp\nsv26.tmp
    Supprime! - C:\DOCUME~1\NORIOM\APPLIC~1\FunWebProducts
    Supprime! - C:\Program Files\FunWebProducts
    Supprime! - C:\Program Files\Multi_Media_France
    Echec ! - C:\Program Files\MyWebSearch
    Supprime! - C:\Program Files\PlayMP3z
    Supprime! - C:\DOCUME~1\aymeric\APPLIC~1\ShoppingReport
    Supprime! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\ShoppingReport
    Supprime! - C:\DOCUME~1\NORIOM\APPLIC~1\ShoppingReport
    Supprime! - C:\Program Files\ShoppingReport

    -----------\\ DEUXIEME PASSAGE

    Echec ! - C:\Program Files\MyWebSearch\bar
    Echec ! - C:\Program Files\MyWebSearch

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar


    And now I am running the search again and it gives this, even shorter:


    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NORIOM ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081120-0] 4.8.1229 (Activated)
    B:\ (USB)
    C:\ (Local Disk) - NTFS - Total:179 Go (Free:2 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
    E:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD) - UDF - Total:3 Go (Free:0 Go)
    W:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [1] ( 20/11/2008|20:25 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar


    20 November 2008 22:28:11

    Hi again

    Please run option 2 once more in safe mode, and post the report

    23 November 2008 23:01:10

    Good evening, here is the report in safe mode, for option 2 of course:


    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NORIOM ( Administrator )
    BOOT : Fail-safe boot
    Antivirus : avast! antivirus 4.8.1290 [VPS 081122-0] 4.8.1290 (Activated)
    B:\ (USB)
    C:\ (Local Disk) - NTFS - Total:179 Go (Free:4 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
    E:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD)
    W:\ (USB)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [2] ( 23/11/2008|22:42 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\MyWebSearch\bar
    Supprime! - C:\Program Files\MyWebSearch

    -----------\\ Recherche de Fichiers / Dossiers ...

    24 November 2008 22:20:57

    Good evening
    Please post a new HijackThis log
    24 November 2008 22:52:21

    Hi; here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:50:50, on 24/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\Ares\Ares.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\HP\KBD\KBD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
    R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
    R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O1 - Hosts: 212.150.54.250 dv-networks.com
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
    O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [OPEN META AMOK README] C:\Documents and Settings\All Users\Application Data\compatomopenmeta\BYTEFOR.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [BitDownload] "C:\Program Files\BitDownload\BitDownload.exe" /minimized
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
    O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://addict-aym.spaces.live.com//PhotoUpload/MsnPUpld...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 16335 bytes
    24 November 2008 22:56:03

    Hi again

    Download Lop S&D.exe to your desktop

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the desired language, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)


    25 November 2008 12:47:23

    Hello, here is the LOP S&D report


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : NORIOM ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
    B:\ (USB)
    C:\ (Local Disk) - NTFS - Total:179 Go (Free:2 Go)
    D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
    E:\ (CD or DVD)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
    W:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 25/11/2008|12:41 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [15/11/2005|03:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [02/01/2006|19:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [02/01/2006|18:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

    [09/10/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [14/12/2006|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [26/07/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [14/06/2007|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [10/01/2007|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [27/10/2008|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [28/07/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\compatomopenmeta
    [02/01/2006|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [02/05/2007|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
    [05/08/2007|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
    [26/11/2006|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/01/2006|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [14/10/2007|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [02/01/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [01/12/2006|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [01/02/2007|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/11/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [17/11/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
    [04/11/2006|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [05/08/2007|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
    [04/04/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [14/10/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [07/08/2007|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Propellerhead Software
    [04/11/2006|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [05/08/2007|01:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Rule Actions
    [02/01/2006|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [02/01/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [16/09/2007|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [19/03/2007|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [30/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [03/11/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
    [04/04/2007|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [04/11/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [05/08/2007|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
    [12/01/2007|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/12/2007|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [12/11/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [14/01/2008|22:58] C:\DOCUME~1\aymeric\APPLIC~1\Adobe
    [04/12/2006|19:44] C:\DOCUME~1\aymeric\APPLIC~1\AdobeUM
    [14/06/2007|15:22] C:\DOCUME~1\aymeric\APPLIC~1\Apple Computer
    [14/06/2007|15:59] C:\DOCUME~1\aymeric\APPLIC~1\CyberLink
    [14/02/2007|19:40] C:\DOCUME~1\aymeric\APPLIC~1\Google
    [02/01/2008|23:07] C:\DOCUME~1\aymeric\APPLIC~1\gtk-2.0
    [20/11/2006|06:55] C:\DOCUME~1\aymeric\APPLIC~1\Help
    [15/04/2007|17:03] C:\DOCUME~1\aymeric\APPLIC~1\HP
    [03/01/2008|21:40] C:\DOCUME~1\aymeric\APPLIC~1\HPQ
    [15/11/2005|03:22] C:\DOCUME~1\aymeric\APPLIC~1\Identities
    [08/12/2006|17:35] C:\DOCUME~1\aymeric\APPLIC~1\Leadertech
    [10/12/2006|22:56] C:\DOCUME~1\aymeric\APPLIC~1\Macromedia
    [21/07/2007|00:42] C:\DOCUME~1\aymeric\APPLIC~1\Microsoft
    [05/08/2007|01:45] C:\DOCUME~1\aymeric\APPLIC~1\Nikon
    [16/10/2007|07:55] C:\DOCUME~1\aymeric\APPLIC~1\PC Suite
    [20/11/2006|19:44] C:\DOCUME~1\aymeric\APPLIC~1\Real
    [11/11/2008|12:17] C:\DOCUME~1\aymeric\APPLIC~1\Smart Panel
    [08/12/2006|17:35] C:\DOCUME~1\aymeric\APPLIC~1\Sonic
    [07/03/2007|15:42] C:\DOCUME~1\aymeric\APPLIC~1\Sun
    [23/02/2007|16:38] C:\DOCUME~1\aymeric\APPLIC~1\Template
    [28/04/2007|17:19] C:\DOCUME~1\aymeric\APPLIC~1\vlc
    [11/12/2007|16:25] C:\DOCUME~1\aymeric\APPLIC~1\Windows Live Writer

    [15/11/2005|03:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [02/01/2006|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [02/01/2006|18:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

    [28/12/2007|20:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
    [25/02/2007|02:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
    [19/01/2007|00:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
    [19/11/2008|19:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BitDownload
    [12/12/2006|19:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Corel
    [18/02/2007|23:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
    [13/03/2007|21:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\dvdcss
    [10/04/2007|11:09] C:\DOCUME~1\HP_ADM~1\APPLIC~1\EPSON
    [04/11/2006|09:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FotoWire
    [12/11/2006|09:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FrostWire
    [14/02/2007|18:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
    [08/11/2006|10:25] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
    [18/12/2006|10:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Hewlett-Packard
    [12/11/2006|00:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
    [03/11/2006|23:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
    [15/11/2005|03:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
    [04/11/2006|12:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
    [03/11/2006|19:25] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
    [02/08/2008|12:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
    [04/11/2006|16:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft Web Folders
    [08/11/2006|19:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies
    [14/10/2007|20:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nokia
    [14/10/2007|21:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nokia Multimedia Player
    [18/12/2006|17:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Opera
    [14/10/2007|20:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PC Suite
    [07/08/2007|15:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Program Owns More
    [09/11/2006|11:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
    [16/03/2007|14:23] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Screenshot Sender
    [10/04/2007|11:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Smart Panel
    [04/11/2006|12:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
    [10/11/2006|23:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
    [15/07/2007|12:45] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Symantec
    [18/02/2007|12:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\teamspeak2
    [17/12/2006|13:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
    [31/01/2007|16:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc

    [15/11/2005|03:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [02/01/2006|19:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [16/12/2007|12:23] C:\DOCUME~1\INVIT~1\APPLIC~1\PC Suite
    [02/01/2006|18:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

    [12/01/2007|19:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [15/11/2005|03:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [05/02/2008|21:00] C:\DOCUME~1\NORIOM\APPLIC~1\AccurateRip
    [27/10/2008|19:52] C:\DOCUME~1\NORIOM\APPLIC~1\Adobe
    [21/04/2007|11:20] C:\DOCUME~1\NORIOM\APPLIC~1\AdobeUM
    [19/06/2007|13:22] C:\DOCUME~1\NORIOM\APPLIC~1\Apple Computer
    [21/09/2007|12:25] C:\DOCUME~1\NORIOM\APPLIC~1\ArcSoft
    [07/08/2007|22:05] C:\DOCUME~1\NORIOM\APPLIC~1\Azureus
    [19/11/2008|23:02] C:\DOCUME~1\NORIOM\APPLIC~1\Bioshock
    [19/11/2008|19:47] C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload
    [14/10/2007|22:47] C:\DOCUME~1\NORIOM\APPLIC~1\Corel
    [22/08/2007|20:44] C:\DOCUME~1\NORIOM\APPLIC~1\CyberLink
    [10/02/2008|12:40] C:\DOCUME~1\NORIOM\APPLIC~1\dBpoweramp
    [07/11/2008|00:02] C:\DOCUME~1\NORIOM\APPLIC~1\dvdcss
    [18/09/2007|15:53] C:\DOCUME~1\NORIOM\APPLIC~1\Google
    [31/03/2007|13:36] C:\DOCUME~1\NORIOM\APPLIC~1\Help
    [29/09/2007|23:07] C:\DOCUME~1\NORIOM\APPLIC~1\Hewlett-Packard
    [22/08/2007|23:23] C:\DOCUME~1\NORIOM\APPLIC~1\HP
    [09/04/2007|11:25] C:\DOCUME~1\NORIOM\APPLIC~1\HPQ
    [15/11/2005|03:22] C:\DOCUME~1\NORIOM\APPLIC~1\Identities
    [17/11/2007|10:45] C:\DOCUME~1\NORIOM\APPLIC~1\InstallShield
    [09/04/2007|15:17] C:\DOCUME~1\NORIOM\APPLIC~1\Leadertech
    [31/03/2007|15:12] C:\DOCUME~1\NORIOM\APPLIC~1\Macromedia
    [17/11/2008|22:05] C:\DOCUME~1\NORIOM\APPLIC~1\Microsoft
    [17/11/2008|22:03] C:\DOCUME~1\NORIOM\APPLIC~1\Microsoft Game Studios
    [09/04/2007|15:12] C:\DOCUME~1\NORIOM\APPLIC~1\muvee Technologies
    [16/09/2007|01:17] C:\DOCUME~1\NORIOM\APPLIC~1\NetMedia Providers
    [07/08/2007|22:56] C:\DOCUME~1\NORIOM\APPLIC~1\Nikon
    [14/10/2007|21:16] C:\DOCUME~1\NORIOM\APPLIC~1\PC Suite
    [07/08/2007|21:28] C:\DOCUME~1\NORIOM\APPLIC~1\Propellerhead Software
    [24/09/2007|12:58] C:\DOCUME~1\NORIOM\APPLIC~1\Publish Providers
    [16/08/2008|15:48] C:\DOCUME~1\NORIOM\APPLIC~1\Real
    [17/11/2007|11:24] C:\DOCUME~1\NORIOM\APPLIC~1\SecuROM
    [11/10/2007|14:27] C:\DOCUME~1\NORIOM\APPLIC~1\Smart Panel
    [09/04/2007|15:17] C:\DOCUME~1\NORIOM\APPLIC~1\Sonic
    [16/09/2007|01:19] C:\DOCUME~1\NORIOM\APPLIC~1\Sony
    [20/04/2007|23:47] C:\DOCUME~1\NORIOM\APPLIC~1\Sun
    [21/01/2008|23:23] C:\DOCUME~1\NORIOM\APPLIC~1\Symantec
    [04/04/2007|21:15] C:\DOCUME~1\NORIOM\APPLIC~1\TuneUp Software
    [03/11/2008|16:29] C:\DOCUME~1\NORIOM\APPLIC~1\Uniblue
    [06/11/2007|01:23] C:\DOCUME~1\NORIOM\APPLIC~1\vlc

    [01/08/2008|14:47] C:\DOCUME~1\SAV\APPLIC~1\Adobe
    [01/08/2008|14:56] C:\DOCUME~1\SAV\APPLIC~1\Google
    [02/08/2008|12:39] C:\DOCUME~1\SAV\APPLIC~1\Help
    [02/08/2008|18:08] C:\DOCUME~1\SAV\APPLIC~1\HPQ
    [15/11/2005|03:22] C:\DOCUME~1\SAV\APPLIC~1\Identities
    [01/08/2008|15:18] C:\DOCUME~1\SAV\APPLIC~1\InstallShield
    [01/08/2008|14:33] C:\DOCUME~1\SAV\APPLIC~1\Macromedia
    [02/01/2006|19:18] C:\DOCUME~1\SAV\APPLIC~1\Microsoft
    [01/08/2008|14:46] C:\DOCUME~1\SAV\APPLIC~1\PC Suite
    [02/01/2006|18:41] C:\DOCUME~1\SAV\APPLIC~1\Real
    [13/11/2008|17:53] C:\DOCUME~1\SAV\APPLIC~1\vlc

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [28/10/2008 10:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/11/2008 12:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [17/11/2007|10:45] C:\Program Files\2K Games
    [09/10/2008|19:55] C:\Program Files\Adobe
    [08/05/2007|13:31] C:\Program Files\Adobe DNG Converter
    [08/05/2007|13:31] C:\Program Files\Adobe Reader 7.0
    [08/05/2007|13:31] C:\Program Files\Adobe Solutions Network
    [08/05/2007|13:32] C:\Program Files\Aide
    [18/05/2007|23:40] C:\Program Files\Alwil Software
    [17/10/2007|18:27] C:\Program Files\Apple Software Update
    [11/10/2007|20:29] C:\Program Files\Ares
    [08/05/2007|13:32] C:\Program Files\AutoPlay
    [22/09/2007|19:03] C:\Program Files\Azureus
    [11/10/2007|20:34] C:\Program Files\Bethesda Softworks
    [24/11/2006|19:39] C:\Program Files\Bigle 3D
    [19/03/2007|18:14] C:\Program Files\BitComet
    [10/01/2007|15:51] C:\Program Files\Boonty
    [10/01/2007|15:51] C:\Program Files\BoontyGames
    [04/11/2007|19:01] C:\Program Files\CAPCOM
    [04/02/2007|17:19] C:\Program Files\Codemasters
    [18/02/2007|01:00] C:\Program Files\Common~1
    [12/11/2005|01:09] C:\Program Files\ComPlus Applications
    [12/12/2006|19:18] C:\Program Files\Corel
    [21/09/2007|23:51] C:\Program Files\Creative
    [19/09/2007|22:25] C:\Program Files\DAEMON Tools
    [14/10/2007|20:55] C:\Program Files\DIFX
    [04/11/2006|17:05] C:\Program Files\directx
    [12/11/2006|13:03] C:\Program Files\DivX
    [12/11/2006|13:47] C:\Program Files\DivX Auto-Play
    [19/09/2007|22:42] C:\Program Files\Doom 3
    [25/11/2007|12:17] C:\Program Files\EA Games
    [02/01/2006|19:00] C:\Program Files\EasyBits
    [18/02/2007|23:21] C:\Program Files\Eidos Interactive
    [01/10/2007|10:07] C:\Program Files\eMule
    [04/11/2008|15:55] C:\Program Files\epson
    [01/10/2008|17:28] C:\Program Files\Fichiers communs
    [26/11/2006|13:27] C:\Program Files\Fishtank Interactive
    [31/12/2007|14:32] C:\Program Files\fotoooo
    [04/12/2006|06:42] C:\Program Files\Fox
    [31/12/2007|14:32] C:\Program Files\FrenchOtto
    [31/12/2007|14:32] C:\Program Files\GameSpy Arcade
    [02/01/2006|18:13] C:\Program Files\GemMasterFrench
    [02/01/2008|23:00] C:\Program Files\GIMP-2.0
    [08/05/2007|13:32] C:\Program Files\Goodies
    [14/02/2007|18:04] C:\Program Files\Google
    [02/01/2006|19:00] C:\Program Files\Hewlett-Packard
    [02/01/2006|18:44] C:\Program Files\HP
    [02/01/2006|18:41] C:\Program Files\HP DigitalMedia Archive
    [25/11/2007|13:49] C:\Program Files\id Software
    [05/02/2008|21:00] C:\Program Files\Illustrate
    [08/05/2007|13:32] C:\Program Files\Informations Techniques
    [04/11/2008|15:55] C:\Program Files\InstallShield Installation Information
    [20/11/2008|20:11] C:\Program Files\Internet Explorer
    [17/12/2006|13:17] C:\Program Files\IrfanView
    [18/09/2007|15:37] C:\Program Files\ISO Commander
    [19/08/2008|20:13] C:\Program Files\Java
    [04/11/2006|10:01] C:\Program Files\Kodak
    [24/09/2008|20:12] C:\Program Files\Lame MP3 Codec
    [13/10/2008|18:32] C:\Program Files\LimeWire
    [13/11/2006|22:07] C:\Program Files\LitexMedia
    [04/11/2006|09:03] C:\Program Files\Logitech
    [21/07/2007|00:42] C:\Program Files\Macrogaming
    [23/09/2007|18:20] C:\Program Files\Maxis
    [05/10/2007|13:34] C:\Program Files\MenaceControle
    [14/08/2008|17:29] C:\Program Files\Messenger
    [20/05/2007|08:26] C:\Program Files\Messenger Plus! Live
    [30/09/2007|14:47] C:\Program Files\Metin2_France
    [01/10/2008|17:40] C:\Program Files\Microsoft
    [07/08/2007|15:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [04/11/2006|16:52] C:\Program Files\microsoft frontpage
    [17/11/2008|22:07] C:\Program Files\Microsoft Games
    [04/11/2006|16:52] C:\Program Files\Microsoft Office
    [16/09/2007|01:09] C:\Program Files\Microsoft SQL Server
    [04/11/2006|16:55] C:\Program Files\Microsoft Visual Studio
    [02/01/2006|18:45] C:\Program Files\Microsoft Works
    [15/11/2005|03:24] C:\Program Files\Movie Maker
    [04/12/2006|06:45] C:\Program Files\Mplayer
    [03/11/2006|16:34] C:\Program Files\MSN
    [15/11/2005|03:25] C:\Program Files\MSN Gaming Zone
    [20/11/2008|20:11] C:\Program Files\MSN Messenger
    [20/11/2006|09:51] C:\Program Files\MSXML 4.0
    [02/01/2006|18:47] C:\Program Files\muvee Technologies
    [15/11/2005|03:25] C:\Program Files\NetMeeting
    [05/08/2007|01:44] C:\Program Files\Nikon
    [14/10/2007|20:54] C:\Program Files\Nokia
    [04/11/2006|17:30] C:\Program Files\NovaLogic
    [15/11/2005|03:25] C:\Program Files\Online Services
    [24/09/2007|00:10] C:\Program Files\Online_TV
    [03/11/2006|16:26] C:\Program Files\Orange
    [14/06/2007|01:17] C:\Program Files\Outlook Express
    [21/10/2008|10:42] C:\Program Files\PC Connectivity Solution
    [02/01/2006|18:57] C:\Program Files\PC-Doctor 5 for Windows
    [09/01/2007|13:21] C:\Program Files\PiTrust
    [14/12/2006|20:04] C:\Program Files\PSCS2Updater
    [26/07/2007|10:11] C:\Program Files\QuickTime
    [02/01/2006|18:41] C:\Program Files\Real
    [09/11/2006|06:47] C:\Program Files\RM-X Player V4
    [03/11/2006|17:03] C:\Program Files\SAGEM
    [03/11/2006|17:03] C:\Program Files\SAGEM WiFi manager
    [24/09/2008|20:11] C:\Program Files\Samsung
    [03/11/2006|16:55] C:\Program Files\Securitoo
    [08/05/2007|13:32] C:\Program Files\Service client_le
    [02/01/2006|19:02] C:\Program Files\Services en ligne
    [23/09/2007|17:00] C:\Program Files\Share_Accelerator_MM
    [04/11/2006|10:42] C:\Program Files\Smart Panel
    [02/01/2006|18:42] C:\Program Files\Sonic
    [16/09/2007|01:07] C:\Program Files\Sony
    [16/09/2007|01:06] C:\Program Files\Sony Setup
    [04/11/2008|15:58] C:\Program Files\Soulseek
    [27/10/2008|13:50] C:\Program Files\Soulseek-Test
    [19/03/2007|18:30] C:\Program Files\Spybot - Search & Destroy
    [19/08/2008|20:13] C:\Program Files\Sun
    [28/07/2007|19:08] C:\Program Files\Symantec
    [18/11/2008|13:03] C:\Program Files\Trend Micro
    [18/02/2007|13:56] C:\Program Files\TryMedia
    [18/02/2007|23:26] C:\Program Files\Ubi Soft
    [04/11/2006|18:36] C:\Program Files\Ubisoft
    [19/05/2007|09:02] C:\Program Files\Undisker
    [16/09/2007|01:09] C:\Program Files\Uninstall Information
    [06/11/2007|01:17] C:\Program Files\VideoLAN
    [16/09/2007|01:08] C:\Program Files\Vstplugins
    [25/11/2008|12:31] C:\Program Files\Wanadoo
    [01/10/2008|21:09] C:\Program Files\Windows Journal Viewer
    [01/10/2008|17:42] C:\Program Files\Windows Live
    [12/01/2007|19:33] C:\Program Files\Windows Media Connect 2
    [09/04/2007|10:43] C:\Program Files\Windows Media Player
    [15/11/2005|03:25] C:\Program Files\Windows NT
    [15/11/2005|03:25] C:\Program Files\Windows Plus
    [12/11/2005|01:09] C:\Program Files\WindowsUpdate
    [22/04/2007|10:49] C:\Program Files\WinRAR
    [13/01/2008|02:22] C:\Program Files\Wolfenstein - Enemy Territory
    [15/11/2005|03:26] C:\Program Files\xerox
    [24/11/2006|14:58] C:\Program Files\XRadiance
    [24/09/2008|20:12] C:\Program Files\XviD
    [12/11/2006|13:22] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [09/10/2008|19:55] C:\Program Files\Fichiers communs\Adobe
    [14/12/2006|19:51] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [26/07/2007|10:09] C:\Program Files\Fichiers communs\Apple
    [30/12/2007|09:13] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [10/01/2007|15:52] C:\Program Files\Fichiers communs\BOONTY Shared
    [12/12/2006|19:18] C:\Program Files\Fichiers communs\Corel
    [12/12/2006|19:19] C:\Program Files\Fichiers communs\Designer
    [04/11/2006|09:03] C:\Program Files\Fichiers communs\FotoWire
    [02/01/2006|18:37] C:\Program Files\Fichiers communs\HP
    [02/01/2006|18:58] C:\Program Files\Fichiers communs\InstallShield
    [02/01/2006|18:19] C:\Program Files\Fichiers communs\Java
    [04/11/2006|10:00] C:\Program Files\Fichiers communs\Kodak
    [02/01/2006|18:43] C:\Program Files\Fichiers communs\LightScribe
    [04/11/2006|09:01] C:\Program Files\Fichiers communs\Logitech
    [02/01/2006|18:43] C:\Program Files\Fichiers communs\LS Getting Started
    [01/10/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
    [15/11/2005|03:24] C:\Program Files\Fichiers communs\MSSoap
    [02/01/2006|18:46] C:\Program Files\Fichiers communs\muvee Technologies
    [05/08/2007|01:45] C:\Program Files\Fichiers communs\Nikon
    [14/10/2007|20:54] C:\Program Files\Fichiers communs\Nokia
    [15/11/2005|03:24] C:\Program Files\Fichiers communs\ODBC
    [14/10/2007|20:54] C:\Program Files\Fichiers communs\PCSuite
    [19/08/2008|19:58] C:\Program Files\Fichiers communs\Real
    [15/11/2005|03:24] C:\Program Files\Fichiers communs\Services
    [02/01/2006|18:42] C:\Program Files\Fichiers communs\Sonic Shared
    [15/11/2005|03:24] C:\Program Files\Fichiers communs\SpeechEngines
    [02/01/2006|18:42] C:\Program Files\Fichiers communs\SureThing Shared
    [21/01/2008|23:07] C:\Program Files\Fichiers communs\Symantec Shared
    [14/06/2007|01:17] C:\Program Files\Fichiers communs\System
    [02/01/2006|18:42] C:\Program Files\Fichiers communs\TiVo Shared
    [18/06/2007|16:42] C:\Program Files\Fichiers communs\Vbox
    [01/10/2008|17:28] C:\Program Files\Fichiers communs\Windows Live
    [11/12/2007|16:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [19/08/2008|19:58] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 78 Processes )

    iexplore.exe ~ [PID:2744]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\HP_ADM~1\APPLIC~1\Bitdownload
    C:\DOCUME~1\NORIOM\APPLIC~1\Bitdownload
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\BitDownload.ini
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\btdht.dat
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\DHTLog.txt
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\lib.vcs
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\PlayLists
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\RoutingTree.bin
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\search.ini
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\Shared.dat
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\ShareHistory.dat
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\SPK.bin
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\Storage
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\Torrents
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\trdnld.vcs
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\trupld.vcs
    C:\DOCUME~1\NORIOM\APPLIC~1\BitDownload\URLs.ini
    C:\DOCUME~1\NORIOM\MENUDM~1\PROGRA~1\BitDownload
    C:\DOCUME~1\NORIOM\MENUDM~1\PROGRA~1\BitDownload\BitDownload Downloads.lnk
    C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-002ED0A0.pf
    C:\DOCUME~1\NORIOM\Cookies\noriom@www.adserver5[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@advertising[2].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@adex.bigpoint[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@adin.bigpoint[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@bigpoint[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@adopt.euroclick[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@pacificpoker[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@fr1.seafight[2].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@seafight[1].txt
    C:\DOCUME~1\NORIOM\Cookies\noriom@www.2xmoinscher[1].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitDownload"="\"C:\\Program Files\\BitDownload\\BitDownload.exe\" /minimized"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-25 12:42:37
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 47

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\NORIOM\Application Data\Microsoft\Office\Récents\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com].lnk
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]\bioshock crack -=mininova.org=-.torrent
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com].ISO
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]\BioshockCrack7516
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]\Toujours pareil.doc
    C:\DOCUME~1\NORIOM\Bureau\Bioshock [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com]\BioshockCrack7516\READ_ME.txt
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack\binkw32.dll
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack\Bioshock.exe
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack\paul.dll
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack\READ_ME.txt
    C:\DOCUME~1\NORIOM\Bureau\BioshockCrack\secu.eg.reg
    C:\DOCUME~1\NORIOM\Bureau\DOOM3_ULTIMATE.iso\doom3 eax crack and patch +{mininova.org}+.torrent
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN.INF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOTMGR
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\KEYGEN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\KEYGEN.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\Norton Ghost v12.daa
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\patch fr norton ghost v12.zip
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SOURCES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SYMDRIVERINFO.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SYMINFO.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\UPDATELOCATOR
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.BMP
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.BROWSECD.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.DRIVERVALIDATION.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.EXIT.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.INSTALL.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.LANGUAGE.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.READMEFILE.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.EXTENSION.UPDATELOCATOR.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\AUTORUN.INI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\CLICK.WAV
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\AUTORUN\HOVER.WAV
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\BCD
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\BOOT.SDI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\BOOTFIX.BIN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\EN-US
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\ETFSBOOT.COM
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\EN-US\BOOTMGR.EXE.MUI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS\CHS_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS\CHT_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS\JPN_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS\KOR_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\BOOT\FONTS\WGL4_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\ACROBAT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\README.HTM
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\SREHELP_EN.HTM
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\USERGUIDE.PDF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\ACROBAT\EN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DOCS\ACROBAT\EN\ACROBAT6.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_DE.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_ES.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_FR.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_IT.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_JA.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_KO.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_NL.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_PL.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_PT.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_SV.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_ZH_CN.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\BASE_ZH_TW.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_DE.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_ES.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_FR.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_IT.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_JA.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_KO.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_NL.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_PL.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_PT.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_SV.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_ZH_CN.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\DRIVERVALIDATION_ZH_TW.PROPERTIES
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\SYMDRIVERINFO.XML
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\DRIVER_VALIDATION\TEMP.TXT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\BCD
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS\CHS_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS\CHT_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS\JPN_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS\KOR_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\EFI\MICROSOFT\BOOT\FONTS\WGL4_BOOT.TTF
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1028.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1031.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1033.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1034.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1036.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1040.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1041.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1042.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1043.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1045.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1046.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\1053.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\2052.MST
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\DATA1.CAB
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\NGHOST12.MSI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\SETTINGS.INI
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\INSTALL\SETUP.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\KEYGEN\KEYGEN.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SOURCES\BOOT.WIM
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\DOTNET
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\LUPDATE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\PARTINFO.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\SEAST.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\SMEDUMP.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\DOTNET\DOTNETFX.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\DOTNET\NETFX64.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\LUPDATE\EN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\LUPDATE\EN\LUCHECK.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\SUPPORT\LUPDATE\EN\LUSETUP.EXE
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\UPDATELOCATOR\EN
    C:\DOCUME~1\NORIOM\Bureau\Norton Ghost v12 + Working Keygen\UPDATELOCATOR\EN\UPDTLCTR.EXE
    C:\DOCUME~1\NORIOM\Bureau\TmNationsForever\ACID PRO 6\keygen.exe
    C:\DOCUME~1\NORIOM\Local Settings\Temp\$Undisker$\40285B06\CRACK ~1
    C:\DOCUME~1\NORIOM\Local Settings\Temp\$Undisker$\40285B06\CRACK ~1\KEYGEN.EXE
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\greg musik\Doom 3 1.3 CRACK
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\greg musik\Doom 3 1.3 CRACK\DOOM3.EXE
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\greg musik\Doom 3 1.3 CRACK\DOOM3.nfo
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\greg musik\Doom 3 1.3 CRACK\DOOM3.rar
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\greg musik\Kanye West\Late Registration\08 kanye west - crack music (feat. the game).mp3
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\gregoire\Adobe.Photoshop.CS2.v9.0.1.FR.Incl-Crack.et.Keygen.rar
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\gregoire\Crack et Keygen
    C:\DOCUME~1\NORIOM\Mes documents\Ma musique\gregoire\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe
    C:\DOCUME~1\NORIOM\Mes documents\Mes fichiers reçus\Fallout..3.FRENCH-KAO\crack
    C:\DOCUME~1\NORIOM\Mes documents\telechargement\-=mininova.org=- bioshock [pcdvd + crack][spanish en ge fr it].torrent
    C:\DOCUME~1\NORIOM\Mes documents\telechargement\[isoHunt] Halo_2_XP_Online_Multiplayer_Crack[1].3827791.TPB.torrent
    C:\DOCUME~1\NORIOM\Recent\BioshockCrack7516.lnk
    C:\DOCUME~1\NORIOM\Recent\Crack Illustrator CS2 Francais.lnk
    C:\DOCUME~1\NORIOM\Recent\[isoHunt] Halo_2_XP_Online_Multiplayer_Crack[1].3827791.TPB.lnk


    [F:4785][D:209]-> C:\DOCUME~1\NORIOM\LOCALS~1\Temp
    [F:1241][D:0]-> C:\DOCUME~1\NORIOM\Cookies
    [F:14859][D:29]-> C:\DOCUME~1\NORIOM\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 25/11/2008|12:45 - Option : [1]

    --------------------\\ Fin du rapport a 12:45:21
    25 November 2008 22:36:31

    Hi again,
    Get rid of your rotten cracks, the cause of your multiple infections. :o
    Run Lop S&D again

  • This time, choose Option 2 ( Suppression )
  • Do not close the window during the deletion!
  • Post the generated report ( C:\lopR.txt )