Votre question

Ordi lent, infecté et fenêtres de pub : help !

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
24 Août 2008 20:03:05

Bonsoir,

Après pas mal de souci pour télécharger Hijackthis, j'ai enfin réussi et voilà le rapport, est-ce-que qqu'un peut m'aider.
Par avance merci beaucoup.

Logfile of HijackThis v1.99.1
Scan saved at 19:56:59, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\documents and settings\patrice\local settings\application data\caswequ.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Patrice\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[3].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AXIS TONS THE MP3] C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons\ball memo.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
O4 - HKCU\..\Run: [caswequ] "c:\documents and settings\patrice\local settings\application data\caswequ.exe" caswequ
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?a435fdbd7e0246c1bd12fcf97329cba
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?a435fdbd7e0246c1bd12fcf97329cba
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

Autres pages sur : ordi lent infecte fenetres pub help

a b 8 Sécurité
24 Août 2008 21:00:10

Bonjour,

Télécharge Lop S&D.exe ([#ff0000]Eric_71[/#f]) sur ton Bureau.
  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de LopS&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré (C:\lopR.txt*)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    * le nom de la partition peut changer
    25 Août 2008 18:56:13

    Bonsoir,

    Merci bocou pour votre réponse.
    Voici le rapport de LopS&D :


    --------------------\\ Lop S&D 4.2.3-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    Award Medallion BIOS v6.00PG
    BOOT : Normal boot

    "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
    Option : [1] ( 25/08/2008|18:48 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
    [10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
    [11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
    [04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [20/08/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    [16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    [22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [10/03/2006|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
    [04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
    [13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
    [02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
    [24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
    [02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
    [18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
    [10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
    [01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
    [30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
    [19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
    [31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
    [14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
    [10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
    [10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
    [04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
    [10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
    [05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
    [10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
    [23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    [10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
    [21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
    [20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
    [20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
    [17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
    [10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom

    [03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [20/08/2008 12:35][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - Patrice.job
    [10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [25/08/2008 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/02/2007|19:03] C:\Program Files\3B Software
    [01/07/2007|16:59] C:\Program Files\Adibou et ses amis
    [29/04/2008|12:19] C:\Program Files\Adobe
    [10/03/2006|16:46] C:\Program Files\AMD
    [10/03/2006|17:52] C:\Program Files\AOL 9.0
    [10/03/2006|16:54] C:\Program Files\AOL Compagnon
    [10/03/2006|18:35] C:\Program Files\ArcSoft
    [30/01/2008|22:07] C:\Program Files\Avanquest update
    [16/07/2008|12:23] C:\Program Files\Beach Soccer
    [05/09/2006|23:57] C:\Program Files\BoontyGames
    [10/03/2006|18:13] C:\Program Files\Canon
    [26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
    [25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Fran‡ais
    [20/08/2008|18:03] C:\Program Files\Circle Developement
    [30/01/2008|22:05] C:\Program Files\Common Files
    [16/08/2004|19:05] C:\Program Files\ComPlus Applications
    [10/03/2006|19:40] C:\Program Files\CosmoSoftware
    [02/11/2006|10:31] C:\Program Files\CyberLink
    [02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
    [10/03/2006|18:46] C:\Program Files\directx
    [07/07/2008|22:26] C:\Program Files\DVD Shrink
    [10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
    [11/07/2008|18:44] C:\Program Files\eMule
    [04/01/2007|17:52] C:\Program Files\EPSON
    [20/08/2008|12:31] C:\Program Files\Fichiers communs
    [02/07/2007|17:38] C:\Program Files\Google
    [04/07/2008|17:12] C:\Program Files\Icone
    [16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
    [15/08/2007|11:36] C:\Program Files\InterActual
    [18/08/2008|18:16] C:\Program Files\Internet Explorer
    [23/08/2006|13:54] C:\Program Files\Java
    [15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
    [10/03/2006|19:11] C:\Program Files\Larousse
    [10/03/2006|16:54] C:\Program Files\Learn2.com
    [04/07/2008|17:12] C:\Program Files\LETMIN
    [18/08/2008|18:15] C:\Program Files\Messenger
    [11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
    [15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [16/08/2004|19:11] C:\Program Files\microsoft frontpage
    [17/03/2006|13:37] C:\Program Files\Microsoft Money
    [07/03/2008|12:21] C:\Program Files\microsoft office
    [10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
    [17/03/2006|13:35] C:\Program Files\Microsoft Works
    [17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
    [07/02/2008|16:31] C:\Program Files\monAlbumPhoto
    [30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
    [14/07/2007|14:59] C:\Program Files\Movie Maker
    [10/03/2006|18:27] C:\Program Files\MSN
    [19/08/2008|21:19] C:\Program Files\MSN Games
    [16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
    [11/07/2008|16:06] C:\Program Files\MSN Messenger
    [10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
    [19/11/2006|21:37] C:\Program Files\MSXML 4.0
    [16/08/2004|19:06] C:\Program Files\NetMeeting
    [20/08/2008|12:32] C:\Program Files\Norton Internet Security
    [16/08/2004|19:03] C:\Program Files\Online Services
    [13/06/2007|23:40] C:\Program Files\Outlook Express
    [10/05/2006|13:55] C:\Program Files\PixDiscount
    [10/03/2006|16:54] C:\Program Files\QuickTime
    [10/03/2006|16:54] C:\Program Files\Real
    [10/06/2006|19:14] C:\Program Files\ReflexiveArcade
    [20/03/2006|22:29] C:\Program Files\RM-X Player V3
    [23/04/2007|19:24] C:\Program Files\SAGEM
    [18/04/2007|10:16] C:\Program Files\Securitoo
    [16/08/2004|19:07] C:\Program Files\Services en ligne
    [08/01/2008|16:12] C:\Program Files\Skyline
    [19/08/2008|21:17] C:\Program Files\Sonic
    [23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
    [20/08/2008|19:43] C:\Program Files\Spyware-Secure
    [23/08/2008|22:54] C:\Program Files\Starware354
    [20/08/2008|12:32] C:\Program Files\Symantec
    [05/09/2006|23:57] C:\Program Files\T‚l‚chargeur de Tomb Raider - Legend
    [24/08/2008|17:03] C:\Program Files\Trend Micro
    [16/08/2004|19:19] C:\Program Files\Uninstall Information
    [10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
    [20/08/2008|12:19] C:\Program Files\Up Creative Skip
    [10/03/2006|16:54] C:\Program Files\Viewpoint
    [11/07/2008|16:06] C:\Program Files\Windows Live
    [23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
    [23/02/2007|15:10] C:\Program Files\Windows Media Player
    [16/08/2004|19:03] C:\Program Files\Windows NT
    [20/08/2008|12:31] C:\Program Files\Windows Sidebar
    [16/08/2004|19:07] C:\Program Files\WindowsUpdate
    [16/08/2004|19:11] C:\Program Files\xerox
    [17/03/2006|19:50] C:\Program Files\Yahoo!
    [12/05/2008|12:32] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
    [10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
    [04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
    [19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
    [16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
    [10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
    [10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
    [16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [25/08/2008|14:29] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:40] C:\Program Files\Fichiers communs\System
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 53 Processus )

    iexplore.exe ~ [PID:2324] ~ [Threads:19]
    iexplore.exe ~ [PID:2708] ~ [Threads:4]
    iexplore.exe ~ [PID:628] ~ [Threads:28]
    iexplore.exe ~ [PID:3912] ~ [Threads:23]
    iexplore.exe ~ [PID:3812] ~ [Threads:21]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\ball memo.exe
    C:\Program Files\Circle Developement
    C:\DOCUME~1\Patrice\Cookies\patrice@advertstream[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@d2.advertserve[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@www.adserver5[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@advertising[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@cotedazurpalace[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[3].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@pacificpoker[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@partypoker[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@32vegas[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@banner.32vegas[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@888[1].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\ball memo.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-25 18:49:57
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections


    caswequ.dat
    caswequ.exe
    caswequ_nav.dat
    caswequ_navps.dat
    CASWEQU.EXE-21245B88.pf
    ==> EGDACCESS <==

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    C:\PROGRA~1\Starware354

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Local Settings\Temp\R‚pertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Local Settings\Temp\R‚pertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip\Office 97 Professional - Español - Clonecd.rar
    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    [F:422][D:394]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
    [F:395][D:0]-> C:\DOCUME~1\Patrice\Cookies
    [F:14449][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 18:54:19
    Contenus similaires
    a b 8 Sécurité
    25 Août 2008 20:08:05

    Re,

    Relance Lop S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
    Un rapport sera généré, poste son contenu ici.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.
    25 Août 2008 21:32:49

    OK, voici le rapport, sachant que ma page internet s'est fermée toute seule et que j'ai eu un message de "Spybot - Search &Destroy" me demandant d'autoriser à supprimer un fichier important "????MP3", j'ai répondu Oui, j'espère ne pas avoir commis d'erreur.


    --------------------\\ Lop S&D 4.2.3-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    Award Medallion BIOS v6.00PG
    BOOT : Normal boot

    "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
    Option : [2] ( 25/08/2008|21:07 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\ball memo.exe
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@www.adserver5[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@partypoker[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@32vegas[2].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@banner.32vegas[2].txt
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
    [10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
    [11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
    [04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    [22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
    [04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
    [13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
    [02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
    [24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
    [02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
    [18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
    [10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
    [01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
    [30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
    [19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
    [31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
    [14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
    [10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
    [10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
    [04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
    [10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
    [05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
    [10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
    [23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    [10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
    [21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
    [20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
    [20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
    [17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
    [10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom

    [03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - Patrice.job
    [10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [25/08/2008 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/02/2007|19:03] C:\Program Files\3B Software
    [01/07/2007|16:59] C:\Program Files\Adibou et ses amis
    [29/04/2008|12:19] C:\Program Files\Adobe
    [10/03/2006|16:46] C:\Program Files\AMD
    [10/03/2006|17:52] C:\Program Files\AOL 9.0
    [10/03/2006|16:54] C:\Program Files\AOL Compagnon
    [10/03/2006|18:35] C:\Program Files\ArcSoft
    [30/01/2008|22:07] C:\Program Files\Avanquest update
    [16/07/2008|12:23] C:\Program Files\Beach Soccer
    [05/09/2006|23:57] C:\Program Files\BoontyGames
    [10/03/2006|18:13] C:\Program Files\Canon
    [26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
    [25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Fran‡ais
    [30/01/2008|22:05] C:\Program Files\Common Files
    [16/08/2004|19:05] C:\Program Files\ComPlus Applications
    [10/03/2006|19:40] C:\Program Files\CosmoSoftware
    [02/11/2006|10:31] C:\Program Files\CyberLink
    [02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
    [10/03/2006|18:46] C:\Program Files\directx
    [07/07/2008|22:26] C:\Program Files\DVD Shrink
    [10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
    [11/07/2008|18:44] C:\Program Files\eMule
    [04/01/2007|17:52] C:\Program Files\EPSON
    [20/08/2008|12:31] C:\Program Files\Fichiers communs
    [02/07/2007|17:38] C:\Program Files\Google
    [04/07/2008|17:12] C:\Program Files\Icone
    [16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
    [15/08/2007|11:36] C:\Program Files\InterActual
    [18/08/2008|18:16] C:\Program Files\Internet Explorer
    [23/08/2006|13:54] C:\Program Files\Java
    [15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
    [10/03/2006|19:11] C:\Program Files\Larousse
    [10/03/2006|16:54] C:\Program Files\Learn2.com
    [04/07/2008|17:12] C:\Program Files\LETMIN
    [18/08/2008|18:15] C:\Program Files\Messenger
    [11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
    [15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [16/08/2004|19:11] C:\Program Files\microsoft frontpage
    [17/03/2006|13:37] C:\Program Files\Microsoft Money
    [07/03/2008|12:21] C:\Program Files\microsoft office
    [10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
    [17/03/2006|13:35] C:\Program Files\Microsoft Works
    [17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
    [07/02/2008|16:31] C:\Program Files\monAlbumPhoto
    [30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
    [14/07/2007|14:59] C:\Program Files\Movie Maker
    [10/03/2006|18:27] C:\Program Files\MSN
    [19/08/2008|21:19] C:\Program Files\MSN Games
    [16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
    [11/07/2008|16:06] C:\Program Files\MSN Messenger
    [10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
    [19/11/2006|21:37] C:\Program Files\MSXML 4.0
    [16/08/2004|19:06] C:\Program Files\NetMeeting
    [20/08/2008|12:32] C:\Program Files\Norton Internet Security
    [16/08/2004|19:03] C:\Program Files\Online Services
    [13/06/2007|23:40] C:\Program Files\Outlook Express
    [10/05/2006|13:55] C:\Program Files\PixDiscount
    [10/03/2006|16:54] C:\Program Files\QuickTime
    [10/03/2006|16:54] C:\Program Files\Real
    [10/06/2006|19:14] C:\Program Files\ReflexiveArcade
    [20/03/2006|22:29] C:\Program Files\RM-X Player V3
    [23/04/2007|19:24] C:\Program Files\SAGEM
    [18/04/2007|10:16] C:\Program Files\Securitoo
    [16/08/2004|19:07] C:\Program Files\Services en ligne
    [08/01/2008|16:12] C:\Program Files\Skyline
    [19/08/2008|21:17] C:\Program Files\Sonic
    [23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
    [20/08/2008|19:43] C:\Program Files\Spyware-Secure
    [23/08/2008|22:54] C:\Program Files\Starware354
    [20/08/2008|12:32] C:\Program Files\Symantec
    [05/09/2006|23:57] C:\Program Files\T‚l‚chargeur de Tomb Raider - Legend
    [24/08/2008|17:03] C:\Program Files\Trend Micro
    [16/08/2004|19:19] C:\Program Files\Uninstall Information
    [10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
    [20/08/2008|12:19] C:\Program Files\Up Creative Skip
    [11/07/2008|16:06] C:\Program Files\Windows Live
    [23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
    [23/02/2007|15:10] C:\Program Files\Windows Media Player
    [16/08/2004|19:03] C:\Program Files\Windows NT
    [20/08/2008|12:31] C:\Program Files\Windows Sidebar
    [16/08/2004|19:07] C:\Program Files\WindowsUpdate
    [16/08/2004|19:11] C:\Program Files\xerox
    [17/03/2006|19:50] C:\Program Files\Yahoo!
    [12/05/2008|12:32] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
    [10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
    [04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
    [19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
    [16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
    [10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
    [10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
    [16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [25/08/2008|20:08] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:40] C:\Program Files\Fichiers communs\System
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 46 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-25 21:09:19
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections


    caswequ.dat
    caswequ.exe
    caswequ_nav.dat
    caswequ_navps.dat
    CASWEQU.EXE-21245B88.pf
    ==> EGDACCESS <==

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    C:\PROGRA~1\Starware354

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Local Settings\Temp\R‚pertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Local Settings\Temp\R‚pertoire temporaire 1 pour Clone Dvd Any Dvd Crack Serial.zip\Office 97 Professional - Español - Clonecd.rar
    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    [F:423][D:394]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
    [F:353][D:0]-> C:\DOCUME~1\Patrice\Cookies
    [F:16217][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 21:14:59

    26 Août 2008 16:56:39

    Bonjour,

    J'ai vu passer un message comme quoi vous êtes en "maintenance" mercredi. Est-ce-que vous pensez pouvoir me répondre avant. Merci bocou

    a b 8 Sécurité
    26 Août 2008 17:47:16

    Re,

    On continue :) 

    Télécharge Navilog1.exe (IL-MAFIOSO)
    Enregistre-le sur ton Bureau.
    Lance l'installation en double cliquant sur navilog.exe.
    Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

    Laisse-toi guider par l'utilitaire. Choisis l'option 4 puis valide.

    Il va te demander de saisir le nom de fichier. Saisie ce qui est en gras ci-dessous et rien d'autre puis valide :
    caswequ
    Retape le nom de fichier quand cela te sera demandé.

    L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
    [#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
    Appuie maintenant sur une touche, comme demandé.
    (si ton PC ne redémarre pas automatiquement, fais-le manuellement)

    Patiente jusqu'à l'apparition de ce message :
    "*** Nettoyage Termine le ..... ***"

    Le Bloc-notes va s'ouvrir.
    Sauvegarde le rapport de manière à le retrouver.
    Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

    NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.

    Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
    Ainsi qu'un nouveau rapport Hijackthis.
    26 Août 2008 19:46:27

    Re,

    Alors voici le rapport Navilog :
    Clean Navipromo version 3.6.5 commencé le 26/08/2008 à 19:12:09,17

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "Patrice"

    Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS


    Mode suppression par méthode manuelle

    Nom du fichier saisi : caswequ

    Nettoyage exécuté au redémarrage de l'ordinateur

    *** Recherche, création sauvegardes et suppression ***

    * Suppression dans "C:\WINDOWS\system32" *


    C:\WINDOWS\prefetch\caswequ*.pf trouvé !
    Copie C:\WINDOWS\prefetch\caswequ*.pf réalisée avec succès !
    C:\WINDOWS\prefetch\caswequ*.pf supprimé !

    * Suppression dans "C:\Documents and Settings\Patrice\locals~1\applic~1" *


    caswequ.exe trouvé !
    Copie caswequ.exe réalisée avec succès !
    caswequ.exe supprimé !

    caswequ.dat trouvé !
    Copie caswequ.dat réalisée avec succès !
    caswequ.dat supprimé !

    caswequ_nav.dat trouvé !
    Copie caswequ_nav.dat réalisée avec succès !
    caswequ_nav.dat supprimé !

    caswequ_navps.dat trouvé !
    Copie caswequ_navps.dat réalisée avec succès !
    caswequ_navps.dat supprimé !


    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Patrice\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Patrice\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Patrice\menudm~1\progra~1" ***



    *** Suppression fichiers ***


    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Patrice\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    * Dans "C:\Documents and Settings\Patrice\locals~1\applic~1" *


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Nettoyage terminé le 26/08/2008 à 19:17:41,79 ***



    Voici le rapport Hijackthis
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:38:32, on 26/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?a435fdbd7e0246c1bd12fcf97329cba
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?a435fdbd7e0246c1bd12fcf97329cba
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 11340 bytes


    Que dois-je faire maintenant ?
    Pour info, j'ai Norton et Spybot sur mon PC dois-je les garder ?
    Par contre, j'ai perdu mon graveur qui était Record Now !

    Merci pour tout


    a b 8 Sécurité
    26 Août 2008 19:53:01

    Refais un scan LopSD option 1 :) 
    26 Août 2008 20:12:20

    Rapport LopSD
    --------------------\\ Lop S&D 4.2.3-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    Award Medallion BIOS v6.00PG
    BOOT : Normal boot

    "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
    Option : [1] ( 26/08/2008|20:03 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
    [10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
    [11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
    [04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/08/2008|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    [22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
    [04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
    [13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
    [02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
    [24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
    [02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
    [18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
    [10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
    [01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
    [30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
    [19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
    [31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
    [14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
    [10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
    [10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
    [04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
    [10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
    [05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
    [10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
    [23/08/2008|22:54] C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    [10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
    [21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
    [20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
    [20/08/2008|12:22] C:\DOCUME~1\Patrice\APPLIC~1\Up Creative Skip
    [17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
    [10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom

    [03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - Patrice.job
    [10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [26/08/2008 19:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/02/2007|19:03] C:\Program Files\3B Software
    [01/07/2007|16:59] C:\Program Files\Adibou et ses amis
    [29/04/2008|12:19] C:\Program Files\Adobe
    [10/03/2006|16:46] C:\Program Files\AMD
    [10/03/2006|17:52] C:\Program Files\AOL 9.0
    [10/03/2006|16:54] C:\Program Files\AOL Compagnon
    [10/03/2006|18:35] C:\Program Files\ArcSoft
    [30/01/2008|22:07] C:\Program Files\Avanquest update
    [16/07/2008|12:23] C:\Program Files\Beach Soccer
    [05/09/2006|23:57] C:\Program Files\BoontyGames
    [10/03/2006|18:13] C:\Program Files\Canon
    [26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
    [25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Fran‡ais
    [30/01/2008|22:05] C:\Program Files\Common Files
    [16/08/2004|19:05] C:\Program Files\ComPlus Applications
    [10/03/2006|19:40] C:\Program Files\CosmoSoftware
    [02/11/2006|10:31] C:\Program Files\CyberLink
    [02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
    [10/03/2006|18:46] C:\Program Files\directx
    [07/07/2008|22:26] C:\Program Files\DVD Shrink
    [10/03/2006|16:59] C:\Program Files\Dynamic Toolbar
    [11/07/2008|18:44] C:\Program Files\eMule
    [04/01/2007|17:52] C:\Program Files\EPSON
    [20/08/2008|12:31] C:\Program Files\Fichiers communs
    [02/07/2007|17:38] C:\Program Files\Google
    [04/07/2008|17:12] C:\Program Files\Icone
    [16/07/2008|12:14] C:\Program Files\InstallShield Installation Information
    [15/08/2007|11:36] C:\Program Files\InterActual
    [18/08/2008|18:16] C:\Program Files\Internet Explorer
    [23/08/2006|13:54] C:\Program Files\Java
    [15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
    [10/03/2006|19:11] C:\Program Files\Larousse
    [10/03/2006|16:54] C:\Program Files\Learn2.com
    [04/07/2008|17:12] C:\Program Files\LETMIN
    [18/08/2008|18:15] C:\Program Files\Messenger
    [11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
    [15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [16/08/2004|19:11] C:\Program Files\microsoft frontpage
    [17/03/2006|13:37] C:\Program Files\Microsoft Money
    [07/03/2008|12:21] C:\Program Files\microsoft office
    [10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
    [17/03/2006|13:35] C:\Program Files\Microsoft Works
    [17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
    [07/02/2008|16:31] C:\Program Files\monAlbumPhoto
    [30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
    [14/07/2007|14:59] C:\Program Files\Movie Maker
    [10/03/2006|18:27] C:\Program Files\MSN
    [19/08/2008|21:19] C:\Program Files\MSN Games
    [16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
    [11/07/2008|16:06] C:\Program Files\MSN Messenger
    [10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
    [19/11/2006|21:37] C:\Program Files\MSXML 4.0
    [26/08/2008|19:17] C:\Program Files\Navilog1
    [16/08/2004|19:06] C:\Program Files\NetMeeting
    [20/08/2008|12:32] C:\Program Files\Norton Internet Security
    [16/08/2004|19:03] C:\Program Files\Online Services
    [13/06/2007|23:40] C:\Program Files\Outlook Express
    [10/05/2006|13:55] C:\Program Files\PixDiscount
    [10/03/2006|16:54] C:\Program Files\QuickTime
    [10/03/2006|16:54] C:\Program Files\Real
    [10/06/2006|19:14] C:\Program Files\ReflexiveArcade
    [20/03/2006|22:29] C:\Program Files\RM-X Player V3
    [23/04/2007|19:24] C:\Program Files\SAGEM
    [18/04/2007|10:16] C:\Program Files\Securitoo
    [16/08/2004|19:07] C:\Program Files\Services en ligne
    [08/01/2008|16:12] C:\Program Files\Skyline
    [19/08/2008|21:17] C:\Program Files\Sonic
    [23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
    [23/08/2008|22:54] C:\Program Files\Starware354
    [20/08/2008|12:32] C:\Program Files\Symantec
    [05/09/2006|23:57] C:\Program Files\T‚l‚chargeur de Tomb Raider - Legend
    [24/08/2008|17:03] C:\Program Files\Trend Micro
    [16/08/2004|19:19] C:\Program Files\Uninstall Information
    [10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
    [20/08/2008|12:19] C:\Program Files\Up Creative Skip
    [11/07/2008|16:06] C:\Program Files\Windows Live
    [23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
    [23/02/2007|15:10] C:\Program Files\Windows Media Player
    [16/08/2004|19:03] C:\Program Files\Windows NT
    [20/08/2008|12:31] C:\Program Files\Windows Sidebar
    [16/08/2004|19:07] C:\Program Files\WindowsUpdate
    [16/08/2004|19:11] C:\Program Files\xerox
    [17/03/2006|19:50] C:\Program Files\Yahoo!
    [12/05/2008|12:32] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
    [10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
    [04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
    [19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
    [16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
    [10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
    [10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
    [16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [26/08/2008|19:00] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:40] C:\Program Files\Fichiers communs\System
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 47 Processus )

    iexplore.exe ~ [PID:3568] ~ [Threads:4]
    iexplore.exe ~ [PID:1980] ~ [Threads:28]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-26 20:04:47
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    C:\PROGRA~1\Starware354

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    [F:13][D:2]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
    [F:363][D:0]-> C:\DOCUME~1\Patrice\Cookies
    [F:18064][D:42]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 20:07:20
    a b 8 Sécurité
    27 Août 2008 14:40:41

    Re,

    Supprime tes cracks.

    Télécharge Toolbar-S&D ([#ff0000]Team IDN[/#ff]) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)
    27 Août 2008 19:45:42

    Bonsoir,

    Quand je clique sur Toolbar-S&D je tombe là-dessus :
    (The requested file is not displayed because it might contain malicious content.
    If you believe this is an error, please visit our contact page to let us know. Contact Us)
    Je ne peux donc pas le télécharger, je fais quoi ?
    27 Août 2008 20:46:25

    Rapport Toolbar S&D

    -----------\\ ToolBar S&D 1.1.5 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : Patrice ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 15.5.0.23 (Activated)
    Firewall : Norton Internet Security 15.5.0.23 (Activated)

    "C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 )
    Option : [1] ( 27/08/2008|20:37 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\dynamic toolbar
    C:\Program Files\dynamic toolbar\batch.bat
    C:\Program Files\dynamic toolbar\Cache
    C:\Program Files\dynamic toolbar\PBFRV2
    C:\Program Files\dynamic toolbar\unins000.dat
    C:\Program Files\dynamic toolbar\unins000.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\buttons
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\contexts
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\SimpleUpdate
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Games
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Movies
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354\RecipeSearch_Foreign
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Recipes_Foreign
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354\ScreensaversMarketingSitePager
    C:\Program Files\Starware354
    C:\Program Files\Starware354\bin
    C:\Program Files\Starware354\icons

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://securityresponse.symantec.com/avcenter/fix_homep..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Bar"="http://search.msn.com/spbasic.htm"
    "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    C:\PROGRA~1\Starware354

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    -----------\\ Fin du rapport a 20:39:23,62

    28 Août 2008 18:20:04

    Bonsoir,

    Juste une petite précision : ma connexion internet est toujours aussi lente.


    a b 8 Sécurité
    28 Août 2008 20:17:17

    Re,

    Passe l'option 2 maintenant.
    28 Août 2008 20:26:14


    -----------\\ ToolBar S&D 1.1.5 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : Award Medallion BIOS v6.00PG
    USER : Patrice ( Administrator )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 15.5.0.23 (Activated)
    Firewall : Norton Internet Security 15.5.0.23 (Activated)

    "C:\ToolBar SD" ( MAJ : 26-08-2008|22:40 )
    Option : [2] ( 28/08/2008|20:20 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\dynamic toolbar\batch.bat
    Supprime! - C:\Program Files\dynamic toolbar\Cache
    Supprime! - C:\Program Files\dynamic toolbar\PBFRV2
    Supprime! - C:\Program Files\dynamic toolbar\unins000.dat
    Supprime! - C:\Program Files\dynamic toolbar\unins000.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\buttons
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\contexts
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354\SimpleUpdate
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Games
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Movies
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\RecipeSearch_Foreign
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\Recipes_Foreign
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354\ScreensaversMarketingSitePager
    Supprime! - C:\Program Files\Starware354\bin
    Supprime! - C:\Program Files\Starware354\icons
    Supprime! - C:\Program Files\dynamic toolbar
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware354
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\Starware354
    Supprime! - C:\Program Files\Starware354

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://securityresponse.symantec.com/avcenter/fix_homep..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Bar"="http://search.msn.com/spbasic.htm"
    "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    -----------\\ Fin du rapport a 20:24:41,57

    a b 8 Sécurité
    28 Août 2008 21:20:19

    Merci de supprimer tes cracks. Reposte un rapport Hijackthis.
    29 Août 2008 00:07:35

    Désolée, mais je ne sais pas comment supprimer des cracks !!!

    Rapport HJT

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:06:28, on 29/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchFilter.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 10757 bytes
    a b 8 Sécurité
    29 Août 2008 12:14:23

    Re,

    On va faire autrement.

    Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


  • Relance Lop S&D.
  • Choisis cette fois-ci l'option 4 (LopScript). Une page blanche va s'ouvrir, colle (Ctrl+V) le texte précedemment copié.
  • Ferme cette page, il te sera demandé de l'enregistrer, accepte.
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ![/#f]
  • Poste le rapport généré (C:\lopR.txt*)

    (Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    * le nom de la partition peut changer
    29 Août 2008 22:38:11

    Rapport Lop S&D
    --------------------\\ Lop S&D 4.2.3-4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    Award Medallion BIOS v6.00PG
    BOOT : Normal boot

    "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
    Option : [4] ( 29/08/2008|22:30 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

    C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\keygen.nfo
    Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\AnyDVD3611.exe
    Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack\Readme.txt
    Supprime! - C:\DOCUME~1\Patrice\Mes documents\My Videos\Creativity Fun Packs\Sound Effects\sports\Baseball Bat Hit, Crack.wma
    Supprime! - C:\DOCUME~1\Patrice\Mes documents\PartitionMagique8\Partition Magique v8Fr Crack.exe
    Supprime! - C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1
    Supprime! - C:\DOCUME~1\Patrice\Mes documents\AnyDVD\AnyDVD3611Wregcrack
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[1].txt
    Supprime! - C:\DOCUME~1\Patrice\Cookies\patrice@sr2.livemediasrv[2].txt

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [29/04/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [11/02/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
    [10/03/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [30/01/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [02/11/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/07/2008|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [18/09/2006|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [23/08/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [10/07/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [05/11/2006|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Knowledge Adventure
    [11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [31/08/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2006|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
    [05/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [16/07/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
    [04/07/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [15/01/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/08/2004|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [08/01/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [24/08/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [22/08/2008|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [15/07/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [25/05/2006|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/01/2007|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [03/06/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/09/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/05/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2004|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/08/2004|19:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [10/03/2006|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [10/03/2006|16:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [10/03/2006|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [10/03/2006|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [23/02/2007|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [16/08/2004|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [14/02/2007|15:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/02/2008|17:41] C:\DOCUME~1\Patrice\APPLIC~1\Adobe
    [04/09/2007|17:33] C:\DOCUME~1\Patrice\APPLIC~1\AdobeUM
    [13/03/2006|19:34] C:\DOCUME~1\Patrice\APPLIC~1\ArcSoft
    [02/11/2006|15:52] C:\DOCUME~1\Patrice\APPLIC~1\CyberLink
    [16/08/2004|18:55] C:\DOCUME~1\Patrice\APPLIC~1\desktop.ini
    [24/06/2008|22:37] C:\DOCUME~1\Patrice\APPLIC~1\EPSON
    [02/05/2008|15:10] C:\DOCUME~1\Patrice\APPLIC~1\GDIPFONTCACHEV1.DAT
    [18/09/2006|18:20] C:\DOCUME~1\Patrice\APPLIC~1\Google
    [10/03/2006|18:24] C:\DOCUME~1\Patrice\APPLIC~1\Help
    [01/07/2008|19:44] C:\DOCUME~1\Patrice\APPLIC~1\Icone
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Identities
    [30/01/2008|22:04] C:\DOCUME~1\Patrice\APPLIC~1\InstallShield
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Leadertech
    [19/08/2007|17:36] C:\DOCUME~1\Patrice\APPLIC~1\LEGO Company
    [31/08/2007|18:05] C:\DOCUME~1\Patrice\APPLIC~1\Macromedia
    [14/09/2007|19:10] C:\DOCUME~1\Patrice\APPLIC~1\Microsoft
    [10/03/2006|20:15] C:\DOCUME~1\Patrice\APPLIC~1\MSN Search Toolbar
    [10/03/2006|18:27] C:\DOCUME~1\Patrice\APPLIC~1\MSNInstaller
    [04/07/2008|20:47] C:\DOCUME~1\Patrice\APPLIC~1\PlayFirst
    [10/03/2006|22:53] C:\DOCUME~1\Patrice\APPLIC~1\Real
    [05/09/2006|23:57] C:\DOCUME~1\Patrice\APPLIC~1\SecuROM
    [10/05/2006|14:00] C:\DOCUME~1\Patrice\APPLIC~1\SendPix
    [10/03/2006|17:14] C:\DOCUME~1\Patrice\APPLIC~1\Sonic
    [10/03/2006|16:50] C:\DOCUME~1\Patrice\APPLIC~1\Sun
    [21/02/2008|21:27] C:\DOCUME~1\Patrice\APPLIC~1\Super-Cow
    [20/08/2008|12:34] C:\DOCUME~1\Patrice\APPLIC~1\Symantec
    [17/03/2006|19:50] C:\DOCUME~1\Patrice\APPLIC~1\yahoo!
    [10/03/2006|16:54] C:\DOCUME~1\Patrice\APPLIC~1\You've Got Pictures Screensaver
    [11/05/2008|10:32] C:\DOCUME~1\Patrice\APPLIC~1\Zylom

    [03/07/2006|14:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [15/03/2006|14:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/08/2008 20:12][--a------] C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - Patrice.job
    [10/03/2006 17:13][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [29/08/2008 15:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/02/2007|19:03] C:\Program Files\3B Software
    [01/07/2007|16:59] C:\Program Files\Adibou et ses amis
    [29/04/2008|12:19] C:\Program Files\Adobe
    [10/03/2006|16:46] C:\Program Files\AMD
    [10/03/2006|17:52] C:\Program Files\AOL 9.0
    [10/03/2006|16:54] C:\Program Files\AOL Compagnon
    [10/03/2006|18:35] C:\Program Files\ArcSoft
    [30/01/2008|22:07] C:\Program Files\Avanquest update
    [16/07/2008|12:23] C:\Program Files\Beach Soccer
    [05/09/2006|23:57] C:\Program Files\BoontyGames
    [10/03/2006|18:13] C:\Program Files\Canon
    [26/11/2006|12:54] C:\Program Files\Chicken Invaders 2
    [25/05/2006|14:32] C:\Program Files\Chicken Invaders 2 Fran‡ais
    [30/01/2008|22:05] C:\Program Files\Common Files
    [16/08/2004|19:05] C:\Program Files\ComPlus Applications
    [10/03/2006|19:40] C:\Program Files\CosmoSoftware
    [02/11/2006|10:31] C:\Program Files\CyberLink
    [02/11/2006|10:31] C:\Program Files\CyberLink DVD Solution
    [10/03/2006|18:46] C:\Program Files\directx
    [07/07/2008|22:26] C:\Program Files\DVD Shrink
    [11/07/2008|18:44] C:\Program Files\eMule
    [04/01/2007|17:52] C:\Program Files\EPSON
    [20/08/2008|12:31] C:\Program Files\Fichiers communs
    [02/07/2007|17:38] C:\Program Files\Google
    [04/07/2008|17:12] C:\Program Files\Icone
    [29/08/2008|17:53] C:\Program Files\InstallShield Installation Information
    [15/08/2007|11:36] C:\Program Files\InterActual
    [18/08/2008|18:16] C:\Program Files\Internet Explorer
    [23/08/2006|13:54] C:\Program Files\Java
    [15/03/2006|15:36] C:\Program Files\K-Lite Codec Pack
    [10/03/2006|19:11] C:\Program Files\Larousse
    [10/03/2006|16:54] C:\Program Files\Learn2.com
    [04/07/2008|17:12] C:\Program Files\LETMIN
    [18/08/2008|18:15] C:\Program Files\Messenger
    [11/07/2008|16:06] C:\Program Files\Messenger Plus! Live
    [15/09/2007|19:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [16/08/2004|19:11] C:\Program Files\microsoft frontpage
    [17/03/2006|13:37] C:\Program Files\Microsoft Money
    [07/03/2008|12:21] C:\Program Files\microsoft office
    [10/03/2006|17:02] C:\Program Files\Microsoft Visual Studio
    [17/03/2006|13:35] C:\Program Files\Microsoft Works
    [17/03/2006|13:32] C:\Program Files\Microsoft Works Suite 2003
    [07/02/2008|16:31] C:\Program Files\monAlbumPhoto
    [30/01/2008|22:06] C:\Program Files\Motorola Phone Tools
    [14/07/2007|14:59] C:\Program Files\Movie Maker
    [10/03/2006|18:27] C:\Program Files\MSN
    [19/08/2008|21:19] C:\Program Files\MSN Games
    [16/08/2004|19:03] C:\Program Files\MSN Gaming Zone
    [11/07/2008|16:06] C:\Program Files\MSN Messenger
    [10/03/2006|20:10] C:\Program Files\MSN Toolbar Suite
    [19/11/2006|21:37] C:\Program Files\MSXML 4.0
    [26/08/2008|19:17] C:\Program Files\Navilog1
    [16/08/2004|19:06] C:\Program Files\NetMeeting
    [20/08/2008|12:32] C:\Program Files\Norton Internet Security
    [16/08/2004|19:03] C:\Program Files\Online Services
    [13/06/2007|23:40] C:\Program Files\Outlook Express
    [10/05/2006|13:55] C:\Program Files\PixDiscount
    [10/03/2006|16:54] C:\Program Files\QuickTime
    [10/03/2006|16:54] C:\Program Files\Real
    [10/06/2006|19:14] C:\Program Files\ReflexiveArcade
    [20/03/2006|22:29] C:\Program Files\RM-X Player V3
    [23/04/2007|19:24] C:\Program Files\SAGEM
    [29/08/2008|17:54] C:\Program Files\SCi
    [18/04/2007|10:16] C:\Program Files\Securitoo
    [16/08/2004|19:07] C:\Program Files\Services en ligne
    [08/01/2008|16:12] C:\Program Files\Skyline
    [19/08/2008|21:17] C:\Program Files\Sonic
    [23/08/2008|22:32] C:\Program Files\Spybot - Search & Destroy
    [20/08/2008|12:32] C:\Program Files\Symantec
    [05/09/2006|23:57] C:\Program Files\T‚l‚chargeur de Tomb Raider - Legend
    [24/08/2008|17:03] C:\Program Files\Trend Micro
    [16/08/2004|19:19] C:\Program Files\Uninstall Information
    [10/08/2004|00:30] C:\Program Files\Uninstall_CDS.exe
    [20/08/2008|12:19] C:\Program Files\Up Creative Skip
    [11/07/2008|16:06] C:\Program Files\Windows Live
    [23/02/2007|15:10] C:\Program Files\Windows Media Connect 2
    [23/02/2007|15:10] C:\Program Files\Windows Media Player
    [16/08/2004|19:03] C:\Program Files\Windows NT
    [20/08/2008|12:31] C:\Program Files\Windows Sidebar
    [16/08/2004|19:07] C:\Program Files\WindowsUpdate
    [16/08/2004|19:11] C:\Program Files\xerox
    [17/03/2006|19:50] C:\Program Files\Yahoo!
    [28/08/2008|12:16] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/03/2006|22:57] C:\Program Files\Fichiers communs\Adobe
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\AOL
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\aolshare
    [10/03/2006|17:02] C:\Program Files\Fichiers communs\Designer
    [04/01/2007|17:56] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|16:50] C:\Program Files\Fichiers communs\Java
    [19/08/2008|21:31] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/01/2008|22:05] C:\Program Files\Fichiers communs\Motorola Shared
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\MSSoap
    [10/03/2006|16:54] C:\Program Files\Fichiers communs\Nullsoft
    [16/08/2004|18:57] C:\Program Files\Fichiers communs\ODBC
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\Real
    [16/08/2004|19:06] C:\Program Files\Fichiers communs\Services
    [10/03/2006|19:46] C:\Program Files\Fichiers communs\snpp202
    [10/03/2006|17:03] C:\Program Files\Fichiers communs\Sonic Shared
    [16/08/2004|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [29/08/2008|22:24] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|23:40] C:\Program Files\Fichiers communs\System
    [10/03/2006|17:00] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 45 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Patrice\Cookies\patrice@advertstream[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@advertising[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@adopt.euroclick[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@2xmoinscher[2].txt
    C:\DOCUME~1\Patrice\Cookies\patrice@www.2xmoinscher[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-29 22:32:15
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Patrice\Mes documents\Clone Dvd Any Dvd Crack Serial.zip
    C:\DOCUME~1\Patrice\Mes documents\virtual cd6\Virtual Cd 6.0.0.5 Keygen.zip


    [F:189][D:5]-> C:\DOCUME~1\Patrice\LOCALS~1\Temp
    [F:465][D:0]-> C:\DOCUME~1\Patrice\Cookies
    [F:13891][D:38]-> C:\DOCUME~1\Patrice\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 22:34:37

    Rapport HJT que j'ai redemandé parce que quand j'ai lancé les fix il m'a deux ou trois questions en anglais et je ne suis pas sûre d'avoir bien répondu...
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:36:18, on 29/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 10448 bytes


    MERCI BOCOUUUUUU pour votre aide

    a b 8 Sécurité
    30 Août 2008 15:18:53

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    31 Août 2008 13:44:30

    Re,

    Voici le rapport : il y avait 4 fichiers infectés
    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1062
    Windows 5.1.2600 Service Pack 2

    13:34:29 31/08/2008
    mbam-log-08-31-2008 (13-34-29).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 151752
    Temps écoulé: 2 hour(s), 25 minute(s), 6 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP883\A0098744.dll (Adware.2020Search) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP883\A0098752.dll (Adware.Shopper) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP891\A0101951.exe (BHO.Baidu) -> Quarantined and deleted successfully.


    Par contre, maintenant mon ordi est long a allumer et la page MSN longue à arriver : depuis que j'ai allumé en mode sans échec....
    Est-ce normal ?
    Merci
    a b 8 Sécurité
    31 Août 2008 14:03:51

    Citation :
    Est-ce normal ?

    Pas lié à un virus je pense.

    Reposte un rapport Hijackthis.
    31 Août 2008 18:00:59

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:59:52, on 31/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homep...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 10342 bytes


    a b 8 Sécurité
    31 Août 2008 21:59:45

    Re,

    Supprime ce dossier :
    C:\Program Files\Up Creative Skip

    Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    O4 - HKCU\..\Run: [Cdrombody] C:\DOCUME~1\Patrice\APPLIC~1\UPCREA~1\ballforksoft.exe
    1 Septembre 2008 19:17:10

    Merci pour tout, mon ordi a l'air de bien se porter.
    Encore merci pour le temps que tu m'as accordé... et bravo !!!
    a b 8 Sécurité
    1 Septembre 2008 19:36:15

    Bon surf.
    2 Novembre 2008 17:37:06

    Bonsoir,

    Deux mois plus tard, j'ai l'impression que mon ordi redevient lent et m'envoie de temps en temps des pages de pub.
    Voici le rapport Hijackthis, peux-tu y jeter un oeil STP, et bien évidemment si tu as le temps.
    Merci bocou

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:31:45, on 02/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\apps\ABoard\AOSD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S115.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 10375 bytes
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS