Se connecter / S'enregistrer
Votre question

pub CID tres tres enervante

Tags :
  • Acer
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
9 Mai 2008 17:28:51

Bonjour
a chaque fois que j'ouvre internet des pub CID apparaisse et etant un joueur de Counter strike ces pub me font "ralentir " mon ordinateur :sweat:  aide moi s'il vous plait

Autres pages sur : pub cid tres tres enervante

9 Mai 2008 19:06:14

Salut,

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer.
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.

    Anonyme
    9 Mai 2008 19:45:01

    bon voila le rapport
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:43:15, on 09/05/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Steam\Steam.exe
    C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
    O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
    O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
    O4 - HKCU\..\Run: [piuborgrgc] c:\users\maximinho45\appdata\local\piuborgrgc.exe piuborgrgc
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
    O4 - Startup: Widget GAME ONE.lnk = ?
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://click.getmirar.com (HKLM)
    O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
    O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 9575 bytes
    Contenus similaires
    9 Mai 2008 23:07:24

    Pas mal infecté !

    Télécharge Navilog (de Il-Mafioso)

  • Enregistre-le sur ton Bureau.
  • Installe-le en double cliquant sur navilog.exe.
  • Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau) [Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista)]
  • Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    ! N'utilise pas l'option 2,3 et 4 sans notre accord !
  • Patiente jusqu'à l'apparition de ce message :
    "*** Analyse Termine le ..... ***"
  • Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.
  • Poste le rapport généré.

    Le rapport se trouve ici :C:\fixnavi.txt

    Si tu as Vista, fais ceci avant :
    Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )
    Anonyme
    9 Mai 2008 23:45:58

    d'accord ... merci c'est en train de rechercher
    Anonyme
    9 Mai 2008 23:52:51

    Search Navipromo version 3.5.6 commencé le 09/05/2008 à 23:44:24,27

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "maximinho45"

    Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows Vista 6.0.6000
    Internet Explorer : 7.0.6000.16643
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\Windows" ***


    *** Recherche dossiers dans "C:\Program Files" ***

    C:\Program Files\InternetGameBox trouvé !

    *** Recherche dossiers dans "C:\ProgramData" ***


    *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

    ...\InternetGameBox trouvé !

    *** Recherche dossiers dans "c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***

    ...\InternetGameBox trouvé !

    *** Recherche dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Fichier(s) caché(s) :

    C:\Users\maximinho45\AppData\Local\piuborgrgc.dat
    C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
    C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat
    C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat


    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\Windows\system32" *

    * Recherche dans "C:\Users\maximinho45\AppData\Local\Microsoft" *

    * Recherche dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *

    * Recherche dans "C:\Users\maximinho45\AppData\Local" *

    Fichiers trouvés :

    piuborgrgc.exe trouvé !



    *** Recherche fichiers ***


    c:\users\public\desktop\InternetGameBox.lnk trouvé !
    C:\Windows\system32\nvs2.inf trouvé !

    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !
    HKEY_CURRENT_USER\Software\mc trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\Windows\system32" :


    * Dans "C:\Users\maximinho45\AppData\Local\Microsoft" :


    * Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" :


    * Dans "C:\Users\maximinho45\AppData\Local" :

    piuborgrgc.dat trouvé !

    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 09/05/2008 à 23:52:04,66 ***
    9 Mai 2008 23:57:48

    Re,

    Ton infection est dûe au téléchargement et à l'installation de InternetGameBox.

  • Double clique sur le raccourci de Navilog1.
  • Choisis l'option 2 puis valide. (Entrée)
  • Laisse toi guider.
  • Ton ordinateur va redémarrer, sinon fais le manuellement.
  • Ton bureau va disparaître.
  • Patiente jusqu'à l'apparition de ce message :
    "*** Nettoyage Termine le ..... ***"
  • Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
  • Sauvegarde le rapport.
  • Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


    Démarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    Montorgueil ; VIP

    Si tu les trouves, fais ceci :
    * Sélectionne chacun de ces certificats et clique sur exporter. Enregistre le/les sur ton bureau.
    * Supprime ensuite ceux présents dans l'onglet "certificats" des options de ton naviguateur.

    Ensuite pour chacun des certificats présents sur ton bureau :
    * Va sur le site Web :
    http://www.bleepingcomputer.com/submit-malware.php?chan...
    * Copie/colle ceci dans la case 'Link to Topic' :
    le nom du certificat (Montorgueil ,......)
    * Copie/colle ceci dans la case 'Browse to the File' :
    Le certificat correspondant que tu avais exportés vers ton bureau

    Si c'est fait, supprime enfin le certificat présent sur ton bureau.

    Les programmes suivants installent cette infection :

    * Go-astro
    * GoRecord
    * HotTVPlayer
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * sudoplanet
    * Webmediaplayer : sauf celui provenant du site suivant > http://www.azertysite.new.fr/
    * Sur le site www.games-desktop.com (Ne pas aller dessus!)

  • Poste le rapport sauvegardé auparavant (C:\cleannavi.txt) ainsi qu'un nouveau rapport Hijackthis.
    Anonyme
    10 Mai 2008 00:15:22

    euuh ... la je suis arriver a :D émarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    Montorgueil ; VIP

    Mais je n'est trouver aucun de ces 2 certificat comment je fais ?...
    Anonyme
    10 Mai 2008 00:27:21

    non rien c'est bon ... je continue comme si je les avait supprimer Désolée :) 
    Anonyme
    10 Mai 2008 00:29:01

    Donc voila le rapport sauvegarder :
    Clean Navipromo version 3.5.6 commencé le 10/05/2008 à 0:03:47,49

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "maximinho45"

    Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows Vista 6.0.6000
    Internet Explorer : 7.0.6000.16643
    Système de fichiers : NTFS

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    *** Creation backups fichiers trouvés par Catchme ***

    Copie vers "C:\Program Files\navilog1\Backupnavi"

    Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.dat réalisée avec succès !
    Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.exe réalisée avec succès !
    Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat réalisée avec succès !
    Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat réalisée avec succès !

    *** Suppression des fichiers trouvés avec Catchme ***

    C:\Users\maximinho45\AppData\Local\piuborgrgc.dat supprimé !
    C:\Users\maximinho45\AppData\Local\piuborgrgc.exe supprimé !
    C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat supprimé !
    C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat supprimé !

    ** 2ème passage avec résultats Catchme **

    * Dans "C:\Windows\system32" *


    * Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *


    * Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *


    * Dans "C:\Users\maximinho45\AppData\Local" *


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\Windows\System32" *


    * Suppression dans "C:\Users\maximinho45\AppData\Local\Microsoft" *


    * Suppression dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *


    * Suppression dans "C:\Users\maximinho45\AppData\Local" *



    *** Suppression dossiers dans "C:\Windows" ***


    *** Suppression dossiers dans "C:\Program Files" ***

    C:\Program Files\InternetGamebox ...suppression...
    C:\Program Files\InternetGamebox supprimé !


    *** Suppression dossiers dans "C:\ProgramData" ***


    *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

    ...\InternetGamebox ...suppression...
    ...\InternetGamebox supprimé !


    *** Suppression dossiers dans c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs ***


    *** Suppression dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***

    ...\InternetGamebox ...suppression...
    ...\InternetGamebox supprimé !


    *** Suppression dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***



    *** Suppression fichiers ***

    c:\users\public\desktop\InternetGameBox.lnk supprimé !
    C:\Windows\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\Windows\Temp effectué !
    Nettoyage contenu C:\Users\MAXIMI~1\AppData\Local\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\Windows\system32" *


    * Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *


    * Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *


    * Dans "C:\Users\maximinho45\AppData\Local" *


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Nettoyage terminé le 10/05/2008 à 0:08:27,49 ***

    je refait un raport Hijackthis
    Anonyme
    10 Mai 2008 00:39:21

    et voici le raport hijackthis :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:29:26, on 10/05/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
    O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
    O4 - Startup: Widget GAME ONE.lnk = ?
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://click.getmirar.com (HKLM)
    O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
    O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8572 bytes
    Anonyme
    10 Mai 2008 01:04:54

    Bon je vais me coucher
    étonner vous pas que je ne vous répondent pas :D 
    envoyer quand même vos post j'y redonderais demain
    a demain ...
    10 Mai 2008 11:33:58

    bien, on continue .

    Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau.

  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau
    Anonyme
    10 Mai 2008 12:49:34

    -----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------

    [ USER : maximinho45 ] [ "C:\Windows\system32" ] [ Selection : 1 ]
    [ 10/05/2008 | 12:47:06,64 ] [ PC : PC-DE-MAXIMINHO ]
    [ MAJ : 06-05-2008 | 21:45 ]
    [ UAC => 0 ]

    -------------[ ]------------

    [07/01/2008|00:23] C:\Users\maximinho45\AppData\Roaming\Adobe\Flash Player
    [04/01/2008|18:53] C:\Users\maximinho45\AppData\Roaming\Adobe\Acrobat


    [14/04/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Apple Computer\iTunes

    [03/02/2008|12:30] C:\Users\maximinho45\AppData\Roaming\ATI\ACE

    [22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\audacity.cfg
    [22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\AutoSave
    [22/04/2008|20:51] C:\Users\maximinho45\AppData\Roaming\Audacity\presets

    [26/04/2008|00:58] C:\Users\maximinho45\AppData\Roaming\AVS4YOU\AVSVideoConverter

    [24/04/2008|22:52] C:\Users\maximinho45\AppData\Roaming\Bitdefender\Desktop

    [01/05/2008|23:36] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Codec
    [08/04/2008|15:50] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Player

    [01/05/2008|21:08] C:\Users\maximinho45\AppData\Roaming\Download Manager\VideoConstructor
    [22/04/2008|20:46] C:\Users\maximinho45\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner

    [12/04/2008|00:36] C:\Users\maximinho45\AppData\Roaming\eMule\config

    [08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\EoRezo\user.cyp
    [08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\db
    [08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\eoDesktop
    [08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\ConfMedia.cyp
    [08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\cmhost.cyp
    [08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\host.cyp
    [31/03/2008|21:28] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather.cfg
    [31/03/2008|21:25] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather

    [13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.DBF
    [13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.FPT
    [13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.CDX

    [01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
    [01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000

    [08/05/2008|01:10] C:\Users\maximinho45\AppData\Roaming\Google\Local Search History
    [22/02/2008|19:19] C:\Users\maximinho45\AppData\Roaming\Google\GoogleEarth

    [18/01/2008|23:05] C:\Users\maximinho45\AppData\Roaming\gtk-2.0\gtkfilechooser

    [04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}

    [09/05/2008|23:41] C:\Users\maximinho45\AppData\Roaming\ItsLabel\ItsTV

    [06/05/2008|18:24] C:\Users\maximinho45\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml

    [09/05/2008|02:10] C:\Users\maximinho45\AppData\Roaming\LimeWire\library.dat
    [09/05/2008|02:08] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.cache
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\filters.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\questions.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\tables.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\installation.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\mojito.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\limewire.props
    [09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\createtimes.cache
    [08/05/2008|19:01] C:\Users\maximinho45\AppData\Roaming\LimeWire\active.mojito
    [03/05/2008|23:58] C:\Users\maximinho45\AppData\Roaming\LimeWire\spam.dat
    [22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttrees.cache
    [22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttroot.cache
    [22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\.AppSpecialShare
    [22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\gnutella.net
    [14/04/2008|09:15] C:\Users\maximinho45\AppData\Roaming\LimeWire\version.xml
    [13/04/2008|22:49] C:\Users\maximinho45\AppData\Roaming\LimeWire\simpp.xml
    [09/03/2008|02:00] C:\Users\maximinho45\AppData\Roaming\LimeWire\responses.cache
    [04/03/2008|21:34] C:\Users\maximinho45\AppData\Roaming\LimeWire\passive.mojito
    [29/02/2008|18:42] C:\Users\maximinho45\AppData\Roaming\LimeWire\xml
    [29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.bak
    [29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\themes

    [08/05/2008|01:14] C:\Users\maximinho45\AppData\Roaming\Macromedia\Flash Player


    [08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Installer
    [08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\Office
    [08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\OneNote
    [03/05/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows Photo Gallery
    [28/04/2008|21:32] C:\Users\maximinho45\AppData\Roaming\Microsoft\MSN Messenger
    [18/04/2008|08:01] C:\Users\maximinho45\AppData\Roaming\Microsoft\Templates
    [18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Document Building Blocks
    [18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Word
    [15/04/2008|21:43] C:\Users\maximinho45\AppData\Roaming\Microsoft\MMC
    [18/03/2008|23:00] C:\Users\maximinho45\AppData\Roaming\Microsoft\Speech
    [05/03/2008|09:54] C:\Users\maximinho45\AppData\Roaming\Microsoft\OIS
    [13/02/2008|23:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\HTML Help
    [24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\Excel
    [24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\AddIns
    [09/01/2008|20:28] C:\Users\maximinho45\AppData\Roaming\Microsoft\preuve
    [06/01/2008|20:17] C:\Users\maximinho45\AppData\Roaming\Microsoft\Internet Explorer
    [06/01/2008|20:13] C:\Users\maximinho45\AppData\Roaming\Microsoft\IdentityCRL
    [05/01/2008|19:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows
    [05/01/2008|18:40] C:\Users\maximinho45\AppData\Roaming\Microsoft\Network
    [05/01/2008|18:38] C:\Users\maximinho45\AppData\Roaming\Microsoft\Crypto
    [04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\SystemCertificates
    [04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\Protect
    [04/01/2008|18:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Credentials

    [13/02/2008|23:37] C:\Users\maximinho45\AppData\Roaming\Mozilla\Firefox


    [14/03/2008|23:52] C:\Users\maximinho45\AppData\Roaming\Real\RealMediaSDK
    [25/02/2008|18:32] C:\Users\maximinho45\AppData\Roaming\Real\RealPlayer

    [03/08/2000|20:36] C:\Users\maximinho45\AppData\Roaming\Template\Normal.wpt

    [04/04/2008|08:52] C:\Users\maximinho45\AppData\Roaming\UserTile.png\UserTile.png

    [27/02/2008|23:40] C:\Users\maximinho45\AppData\Roaming\video-for-mobile\3gpMobile

    [01/05/2008|20:03] C:\Users\maximinho45\AppData\Roaming\vlc\vlcrc
    [29/02/2008|23:26] C:\Users\maximinho45\AppData\Roaming\vlc\cache

    [11/02/2008|21:17] C:\Users\maximinho45\AppData\Roaming\VUPlayer\default.vpl


    [29/04/2008|20:03] C:\Users\maximinho45\AppData\Roaming\wklnhst.dat\wklnhst.dat

    ----------------[ ]---------------

    [10/05/2008 12:35][--ah-----] C:\Windows\tasks\SA.DAT
    [10/05/2008 01:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ ]------

    [06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [06/05/2007|21:23] C:\ProgramData\Adobe
    [01/03/2008|16:20] C:\ProgramData\Apple
    [01/03/2008|16:23] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [26/04/2008|00:57] C:\ProgramData\AVS4YOU
    [02/03/2008|23:55] C:\ProgramData\BitDefender
    [04/01/2008|18:00] C:\ProgramData\Bureau
    [06/05/2007|21:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [11/02/2008|21:25] C:\ProgramData\Downloaded Installations
    [26/04/2008|00:38] C:\ProgramData\DVD Shrink
    [12/04/2008|00:43] C:\ProgramData\eMule
    [04/01/2008|18:14] C:\ProgramData\eSobi
    [04/01/2008|18:00] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [12/04/2008|16:36] C:\ProgramData\FaxCtr
    [08/05/2008|13:18] C:\ProgramData\Google
    [09/02/2008|12:46] C:\ProgramData\Logishrd
    [08/01/2008|19:38] C:\ProgramData\Logitech
    [08/05/2008|21:32] C:\ProgramData\Lx_cats
    [04/01/2008|18:00] C:\ProgramData\Menu D‚marrer
    [10/01/2008|21:21] C:\ProgramData\Messenger Plus!
    [03/03/2008|00:31] C:\ProgramData\Microsoft
    [10/04/2008|11:57] C:\ProgramData\Microsoft Help
    [04/01/2008|18:00] C:\ProgramData\ModŠles
    [27/04/2008|08:34] C:\ProgramData\proxy dash
    [04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [14/02/2008|16:43] C:\ProgramData\Symantec
    [10/03/2008|21:42] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
    [27/04/2008|18:41] C:\ProgramData\TrackMania
    [11/03/2008|21:29] C:\ProgramData\Trymedia
    [27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
    [31/01/2008|23:55] C:\ProgramData\Ulead Systems
    [30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
    [27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
    [27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
    [03/04/2008|21:34] C:\ProgramData\WLInstaller
    [27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs

    ---------------[ ]--------------

    [12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [06/05/2007|21:33] C:\Program Files\Acer Arcade Live
    [22/06/2007|02:00] C:\Program Files\Acer Inc
    [22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [06/05/2007|21:23] C:\Program Files\Adobe
    [03/03/2008|00:17] C:\Program Files\Alwil Software
    [22/06/2007|01:56] C:\Program Files\ATI
    [22/06/2007|01:57] C:\Program Files\ATI Technologies
    [30/04/2008|23:15] C:\Program Files\AVS4YOU
    [01/05/2008|23:54] C:\Program Files\bobyte
    [01/03/2008|16:22] C:\Program Files\Bonjour
    [08/05/2008|01:05] C:\Program Files\CCleaner
    [30/04/2008|23:21] C:\Program Files\Common Files
    [08/05/2008|13:24] C:\Program Files\Conduit
    [06/05/2007|21:30] C:\Program Files\CyberLink
    [14/01/2008|22:49] C:\Program Files\desktop.ini
    [17/03/2008|21:15] C:\Program Files\Dictionnaire
    [02/05/2008|00:01] C:\Program Files\Digital Video Converter
    [24/04/2008|23:18] C:\Program Files\DivX
    [08/05/2008|21:04] C:\Program Files\EoRezo
    [07/01/2008|22:36] C:\Program Files\eSobi
    [02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
    [04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/05/2008|20:10] C:\Program Files\FLV Player
    [01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
    [01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
    [01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
    [22/02/2008|19:04] C:\Program Files\Foreignword
    [08/05/2008|13:24] C:\Program Files\Freecorder
    [08/05/2008|13:24] C:\Program Files\Google
    [18/04/2008|20:38] C:\Program Files\Half-Life
    [01/04/2008|10:39] C:\Program Files\IEToolbar
    [16/04/2008|22:33] C:\Program Files\ImTOO
    [24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
    [10/04/2008|11:57] C:\Program Files\Internet Explorer
    [09/05/2008|23:42] C:\Program Files\ItsLabel
    [04/03/2008|20:32] C:\Program Files\Java
    [12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
    [12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
    [29/02/2008|18:38] C:\Program Files\LimeWire
    [09/02/2008|12:38] C:\Program Files\Logitech
    [17/04/2008|18:05] C:\Program Files\MediaCoder
    [08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [06/05/2007|21:22] C:\Program Files\Microsoft Office
    [04/01/2008|18:52] C:\Program Files\Microsoft Works
    [06/05/2007|21:20] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [18/04/2008|21:06] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [07/01/2008|18:26] C:\Program Files\MSXML 4.0
    [10/05/2008|00:08] C:\Program Files\Navilog1
    [13/01/2008|21:04] C:\Program Files\Neuf
    [30/04/2008|23:21] C:\Program Files\newObjects
    [06/05/2007|21:18] C:\Program Files\NewTech Infosystems
    [13/01/2008|20:50] C:\Program Files\Orange HSS
    [06/05/2008|22:31] C:\Program Files\Paint.NET
    [03/05/2008|13:44] C:\Program Files\PhotoFiltre
    [27/04/2008|20:59] C:\Program Files\Project64 1.6
    [01/03/2008|16:22] C:\Program Files\QuickTime
    [25/02/2008|18:26] C:\Program Files\Real
    [06/05/2007|21:05] C:\Program Files\Realtek
    [16/04/2008|20:42] C:\Program Files\Red Kawa
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [01/05/2008|20:49] C:\Program Files\Replay Converter
    [01/05/2008|20:48] C:\Program Files\Replay Media Catcher
    [26/03/2008|18:03] C:\Program Files\Samsung
    [05/01/2008|18:37] C:\Program Files\Securitoo
    [02/03/2008|23:54] C:\Program Files\Softwin
    [15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
    [10/05/2008|12:36] C:\Program Files\Steam
    [16/04/2008|16:17] C:\Program Files\TmNationsForever
    [09/05/2008|19:42] C:\Program Files\Trend Micro
    [20/04/2008|17:06] C:\Program Files\Ubisoft
    [01/02/2008|00:20] C:\Program Files\Ulead Systems
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [27/02/2008|23:39] C:\Program Files\Video-For-Mobile
    [01/05/2008|20:04] C:\Program Files\VideoLAN
    [27/01/2008|22:50] C:\Program Files\Virtools
    [24/04/2008|23:15] C:\Program Files\VirtualDJ
    [01/03/2008|15:42] C:\Program Files\VistaCodecPack
    [05/01/2008|18:33] C:\Program Files\Wanadoo
    [14/01/2008|22:46] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [10/01/2008|00:42] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [06/01/2008|20:09] C:\Program Files\Windows Live
    [10/04/2008|11:57] C:\Program Files\Windows Mail
    [10/01/2008|00:42] C:\Program Files\Windows Media Player
    [04/01/2008|18:00] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [11/01/2008|00:24] C:\Program Files\Windows Sidebar
    [11/04/2008|12:47] C:\Program Files\WinRAR
    [08/05/2008|13:15] C:\Program Files\Yahoo!

    ------[ ]------

    [06/05/2007|21:23] C:\Program Files\Common Files\Adobe
    [30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
    [06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
    [06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
    [29/02/2008|18:36] C:\Program Files\Common Files\Java
    [06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
    [09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
    [27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
    [06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
    [30/04/2008|23:21] C:\Program Files\Common Files\newObjects
    [06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
    [24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
    [25/02/2008|18:32] C:\Program Files\Common Files\Real
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [24/04/2008|22:14] C:\Program Files\Common Files\Softwin
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [08/05/2008|13:27] C:\Program Files\Common Files\Steam
    [14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
    [10/01/2008|00:42] C:\Program Files\Common Files\System
    [06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... OK !

    ----------------------[ ]---------------------

    Commande ECHO d‚sactiv‚e.

    -----------------[ ]-----------------

    Commande ECHO d‚sactiv‚e.

    ----------------------[ ]----------------------

    ..... OK !

    --------------------[ ]---------------------

    Commande ECHO d‚sactiv‚e.


    ----------------[ ]-----------------


    --------------------[ ]---------------------

    Commande ECHO d‚sactiv‚e.

    /!\ [Fich:10][Doss:2] C:\Users\MAXIMI~1\AppData\Local\Temp

    [ UAC => 1 ]

    --------------------[ 12:47:12,59 ]----------------------
    10 Mai 2008 18:20:45

    Re,

    Tu as trafiqué le rapport ou il est sorti comme ça ?
    Anonyme
    10 Mai 2008 19:03:12

    il est sorti comme sa pourquoi ?
    10 Mai 2008 19:34:10

    Re,

    Tu peux ressayer pour voir ?
    Anonyme
    10 Mai 2008 19:38:27

    tien sa ne fait pas la meme chose ...
    voila le raport
    Anonyme
    10 Mai 2008 19:40:14


    -----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 10/05/2008 | 19:33:02,39 ] [ PC : PC-DE-MAXIMINHO ]
    [ MAJ : 06-05-2008 | 21:45 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
    [04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat


    [14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes

    [03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE

    [22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
    [22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
    [22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets

    [26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter

    [24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop

    [01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
    [08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player

    [01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
    [22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner

    [12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config

    [08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
    [31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
    [31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather

    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX

    [01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
    [01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000

    [08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
    [22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth

    [18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser

    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}

    [09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV

    [06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml

    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
    [10/05/2008|13:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
    [09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
    [08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
    [03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
    [14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
    [13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
    [09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
    [04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
    [29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
    [29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
    [29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes

    [08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player


    [08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
    [08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
    [08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
    [03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
    [28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
    [18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
    [18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
    [18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
    [15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
    [18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
    [05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
    [13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
    [24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
    [24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
    [09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
    [06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
    [06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
    [05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
    [05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
    [05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
    [04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials

    [13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox


    [14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
    [25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer

    [03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt

    [04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png

    [27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile

    [01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
    [29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache

    [11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl


    [29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [10/05/2008 19:32][--ah-----] C:\Windows\tasks\SA.DAT
    [10/05/2008 19:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [06/05/2007|21:23] C:\ProgramData\Adobe
    [01/03/2008|16:20] C:\ProgramData\Apple
    [01/03/2008|16:23] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [26/04/2008|00:57] C:\ProgramData\AVS4YOU
    [02/03/2008|23:55] C:\ProgramData\BitDefender
    [04/01/2008|18:00] C:\ProgramData\Bureau
    [06/05/2007|21:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [11/02/2008|21:25] C:\ProgramData\Downloaded Installations
    [26/04/2008|00:38] C:\ProgramData\DVD Shrink
    [12/04/2008|00:43] C:\ProgramData\eMule
    [04/01/2008|18:14] C:\ProgramData\eSobi
    [04/01/2008|18:00] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [12/04/2008|16:36] C:\ProgramData\FaxCtr
    [08/05/2008|13:18] C:\ProgramData\Google
    [09/02/2008|12:46] C:\ProgramData\Logishrd
    [08/01/2008|19:38] C:\ProgramData\Logitech
    [08/05/2008|21:32] C:\ProgramData\Lx_cats
    [04/01/2008|18:00] C:\ProgramData\Menu D‚marrer
    [10/01/2008|21:21] C:\ProgramData\Messenger Plus!
    [03/03/2008|00:31] C:\ProgramData\Microsoft
    [10/04/2008|11:57] C:\ProgramData\Microsoft Help
    [04/01/2008|18:00] C:\ProgramData\ModŠles
    [27/04/2008|08:34] C:\ProgramData\proxy dash
    [04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [14/02/2008|16:43] C:\ProgramData\Symantec
    [10/03/2008|21:42] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
    [27/04/2008|18:41] C:\ProgramData\TrackMania
    [11/03/2008|21:29] C:\ProgramData\Trymedia
    [27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
    [31/01/2008|23:55] C:\ProgramData\Ulead Systems
    [30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
    [27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
    [27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
    [03/04/2008|21:34] C:\ProgramData\WLInstaller
    [27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [06/05/2007|21:33] C:\Program Files\Acer Arcade Live
    [22/06/2007|02:00] C:\Program Files\Acer Inc
    [22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [06/05/2007|21:23] C:\Program Files\Adobe
    [03/03/2008|00:17] C:\Program Files\Alwil Software
    [22/06/2007|01:56] C:\Program Files\ATI
    [22/06/2007|01:57] C:\Program Files\ATI Technologies
    [30/04/2008|23:15] C:\Program Files\AVS4YOU
    [01/05/2008|23:54] C:\Program Files\bobyte
    [01/03/2008|16:22] C:\Program Files\Bonjour
    [08/05/2008|01:05] C:\Program Files\CCleaner
    [30/04/2008|23:21] C:\Program Files\Common Files
    [08/05/2008|13:24] C:\Program Files\Conduit
    [06/05/2007|21:30] C:\Program Files\CyberLink
    [14/01/2008|22:49] C:\Program Files\desktop.ini
    [17/03/2008|21:15] C:\Program Files\Dictionnaire
    [02/05/2008|00:01] C:\Program Files\Digital Video Converter
    [24/04/2008|23:18] C:\Program Files\DivX
    [08/05/2008|21:04] C:\Program Files\EoRezo
    [07/01/2008|22:36] C:\Program Files\eSobi
    [02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
    [04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/05/2008|20:10] C:\Program Files\FLV Player
    [01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
    [01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
    [01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
    [22/02/2008|19:04] C:\Program Files\Foreignword
    [08/05/2008|13:24] C:\Program Files\Freecorder
    [08/05/2008|13:24] C:\Program Files\Google
    [18/04/2008|20:38] C:\Program Files\Half-Life
    [01/04/2008|10:39] C:\Program Files\IEToolbar
    [16/04/2008|22:33] C:\Program Files\ImTOO
    [24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
    [10/04/2008|11:57] C:\Program Files\Internet Explorer
    [09/05/2008|23:42] C:\Program Files\ItsLabel
    [04/03/2008|20:32] C:\Program Files\Java
    [12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
    [12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
    [29/02/2008|18:38] C:\Program Files\LimeWire
    [09/02/2008|12:38] C:\Program Files\Logitech
    [17/04/2008|18:05] C:\Program Files\MediaCoder
    [08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [06/05/2007|21:22] C:\Program Files\Microsoft Office
    [04/01/2008|18:52] C:\Program Files\Microsoft Works
    [06/05/2007|21:20] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [18/04/2008|21:06] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [07/01/2008|18:26] C:\Program Files\MSXML 4.0
    [10/05/2008|00:08] C:\Program Files\Navilog1
    [13/01/2008|21:04] C:\Program Files\Neuf
    [30/04/2008|23:21] C:\Program Files\newObjects
    [06/05/2007|21:18] C:\Program Files\NewTech Infosystems
    [13/01/2008|20:50] C:\Program Files\Orange HSS
    [06/05/2008|22:31] C:\Program Files\Paint.NET
    [03/05/2008|13:44] C:\Program Files\PhotoFiltre
    [27/04/2008|20:59] C:\Program Files\Project64 1.6
    [01/03/2008|16:22] C:\Program Files\QuickTime
    [25/02/2008|18:26] C:\Program Files\Real
    [06/05/2007|21:05] C:\Program Files\Realtek
    [16/04/2008|20:42] C:\Program Files\Red Kawa
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [01/05/2008|20:49] C:\Program Files\Replay Converter
    [01/05/2008|20:48] C:\Program Files\Replay Media Catcher
    [26/03/2008|18:03] C:\Program Files\Samsung
    [05/01/2008|18:37] C:\Program Files\Securitoo
    [02/03/2008|23:54] C:\Program Files\Softwin
    [15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
    [10/05/2008|19:33] C:\Program Files\Steam
    [16/04/2008|16:17] C:\Program Files\TmNationsForever
    [09/05/2008|19:42] C:\Program Files\Trend Micro
    [20/04/2008|17:06] C:\Program Files\Ubisoft
    [01/02/2008|00:20] C:\Program Files\Ulead Systems
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [27/02/2008|23:39] C:\Program Files\Video-For-Mobile
    [01/05/2008|20:04] C:\Program Files\VideoLAN
    [27/01/2008|22:50] C:\Program Files\Virtools
    [24/04/2008|23:15] C:\Program Files\VirtualDJ
    [01/03/2008|15:42] C:\Program Files\VistaCodecPack
    [05/01/2008|18:33] C:\Program Files\Wanadoo
    [14/01/2008|22:46] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [10/01/2008|00:42] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [06/01/2008|20:09] C:\Program Files\Windows Live
    [10/04/2008|11:57] C:\Program Files\Windows Mail
    [10/01/2008|00:42] C:\Program Files\Windows Media Player
    [04/01/2008|18:00] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [11/01/2008|00:24] C:\Program Files\Windows Sidebar
    [11/04/2008|12:47] C:\Program Files\WinRAR
    [08/05/2008|13:15] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [06/05/2007|21:23] C:\Program Files\Common Files\Adobe
    [30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
    [06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
    [06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
    [29/02/2008|18:36] C:\Program Files\Common Files\Java
    [06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
    [09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
    [27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
    [06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
    [30/04/2008|23:21] C:\Program Files\Common Files\newObjects
    [06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
    [24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
    [25/02/2008|18:32] C:\Program Files\Common Files\Real
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [24/04/2008|22:14] C:\Program Files\Common Files\Softwin
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [08/05/2008|13:27] C:\Program Files\Common Files\Steam
    [14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
    [10/01/2008|00:42] C:\Program Files\Common Files\System
    [06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 63

    iexplore.exe ~ [3984]
    iexplore.exe ~ [1960]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\type bash hold.rtoux
    C:\ProgramData\Upload Bags Bags.0la34z
    C:\ProgramData\Upload Bags Bags.awwnf
    C:\ProgramData\Upload Bags Bags.ks12p0f
    C:\ProgramData\type bash hold.rtoux
    C:\ProgramData\Upload Bags Bags.0la34z
    C:\ProgramData\Upload Bags Bags.ks12p0f

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\proxy dash
    C:\ProgramData\proxy dash\brbnbzuv.exe
    C:\ProgramData\proxy dash\funkpollmix.exe
    C:\ProgramData\proxy dash\idolmapi01gram.exe
    C:\ProgramData\proxy dash\yosyynac.exe
    C:\ProgramData\Tool Eggs Less City
    C:\ProgramData\Tool Eggs Less City\DART KIND.exe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-10 19:34:15
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:16][Doss:4] C:\Users\MAXIMI~1\AppData\Local\Temp
    /!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:3420][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 19:36:29,84 ]----------------------
    10 Mai 2008 20:24:47

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau
    Anonyme
    10 Mai 2008 20:34:55


    -----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 10/05/2008 | 20:29:13,16 ] [ PC : PC-DE-MAXIMINHO ]
    [ MAJ : 06-05-2008 | 21:45 ]
    [ UAC => 0 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\ProgramData\proxy dash\brbnbzuv.exe
    Supprimé! - C:\ProgramData\proxy dash\funkpollmix.exe
    Supprimé! - C:\ProgramData\proxy dash\idolmapi01gram.exe
    Supprimé! - C:\ProgramData\proxy dash\yosyynac.exe
    Echec ! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
    Supprimé! - C:\ProgramData\type bash hold.rtoux
    Supprimé! - C:\ProgramData\Upload Bags Bags.0la34z
    Supprimé! - C:\ProgramData\Upload Bags Bags.awwnf
    Supprimé! - C:\ProgramData\Upload Bags Bags.ks12p0f
    Supprimé! - C:\ProgramData\proxy dash
    Echec ! - C:\ProgramData\Tool Eggs Less City
    Restauré! - Fichier Hosts

    \\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

    Supprimé! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
    Supprimé! - C:\ProgramData\Tool Eggs Less City

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
    [04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat


    [14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes

    [03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE

    [22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
    [22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
    [22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets

    [26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter

    [24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop

    [01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
    [08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player

    [01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
    [22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner

    [12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config

    [08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
    [08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
    [31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
    [31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather

    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
    [13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX

    [01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
    [01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000

    [08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
    [22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth

    [18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser

    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}

    [09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV

    [06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml

    [10/05/2008|20:25] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
    [10/05/2008|20:02] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
    [10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
    [09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
    [08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
    [03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
    [22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
    [14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
    [13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
    [09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
    [04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
    [29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
    [29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
    [29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes

    [08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player


    [08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
    [08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
    [08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
    [03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
    [28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
    [18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
    [18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
    [18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
    [15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
    [18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
    [05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
    [13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
    [24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
    [24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
    [09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
    [06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
    [06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
    [05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
    [05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
    [05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
    [04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
    [04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials

    [13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox


    [14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
    [25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer

    [03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt

    [04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png

    [27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile

    [01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
    [29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache

    [11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl


    [29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [10/05/2008 20:28][--ah-----] C:\Windows\tasks\SA.DAT
    [10/05/2008 20:25][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [06/05/2007|21:23] C:\ProgramData\Adobe
    [01/03/2008|16:20] C:\ProgramData\Apple
    [01/03/2008|16:23] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [26/04/2008|00:57] C:\ProgramData\AVS4YOU
    [02/03/2008|23:55] C:\ProgramData\BitDefender
    [04/01/2008|18:00] C:\ProgramData\Bureau
    [06/05/2007|21:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [11/02/2008|21:25] C:\ProgramData\Downloaded Installations
    [26/04/2008|00:38] C:\ProgramData\DVD Shrink
    [12/04/2008|00:43] C:\ProgramData\eMule
    [04/01/2008|18:14] C:\ProgramData\eSobi
    [04/01/2008|18:00] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [12/04/2008|16:36] C:\ProgramData\FaxCtr
    [08/05/2008|13:18] C:\ProgramData\Google
    [09/02/2008|12:46] C:\ProgramData\Logishrd
    [08/01/2008|19:38] C:\ProgramData\Logitech
    [08/05/2008|21:32] C:\ProgramData\Lx_cats
    [04/01/2008|18:00] C:\ProgramData\Menu D‚marrer
    [10/01/2008|21:21] C:\ProgramData\Messenger Plus!
    [03/03/2008|00:31] C:\ProgramData\Microsoft
    [10/04/2008|11:57] C:\ProgramData\Microsoft Help
    [04/01/2008|18:00] C:\ProgramData\ModŠles
    [04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [14/02/2008|16:43] C:\ProgramData\Symantec
    [10/03/2008|21:42] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [27/04/2008|18:41] C:\ProgramData\TrackMania
    [11/03/2008|21:29] C:\ProgramData\Trymedia
    [31/01/2008|23:55] C:\ProgramData\Ulead Systems
    [03/04/2008|21:34] C:\ProgramData\WLInstaller
    [27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [06/05/2007|21:33] C:\Program Files\Acer Arcade Live
    [22/06/2007|02:00] C:\Program Files\Acer Inc
    [22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [06/05/2007|21:23] C:\Program Files\Adobe
    [03/03/2008|00:17] C:\Program Files\Alwil Software
    [22/06/2007|01:56] C:\Program Files\ATI
    [22/06/2007|01:57] C:\Program Files\ATI Technologies
    [30/04/2008|23:15] C:\Program Files\AVS4YOU
    [01/05/2008|23:54] C:\Program Files\bobyte
    [01/03/2008|16:22] C:\Program Files\Bonjour
    [08/05/2008|01:05] C:\Program Files\CCleaner
    [30/04/2008|23:21] C:\Program Files\Common Files
    [08/05/2008|13:24] C:\Program Files\Conduit
    [06/05/2007|21:30] C:\Program Files\CyberLink
    [14/01/2008|22:49] C:\Program Files\desktop.ini
    [17/03/2008|21:15] C:\Program Files\Dictionnaire
    [02/05/2008|00:01] C:\Program Files\Digital Video Converter
    [24/04/2008|23:18] C:\Program Files\DivX
    [08/05/2008|21:04] C:\Program Files\EoRezo
    [07/01/2008|22:36] C:\Program Files\eSobi
    [02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
    [04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/05/2008|20:10] C:\Program Files\FLV Player
    [01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
    [01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
    [01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
    [22/02/2008|19:04] C:\Program Files\Foreignword
    [08/05/2008|13:24] C:\Program Files\Freecorder
    [08/05/2008|13:24] C:\Program Files\Google
    [18/04/2008|20:38] C:\Program Files\Half-Life
    [01/04/2008|10:39] C:\Program Files\IEToolbar
    [16/04/2008|22:33] C:\Program Files\ImTOO
    [24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
    [10/04/2008|11:57] C:\Program Files\Internet Explorer
    [09/05/2008|23:42] C:\Program Files\ItsLabel
    [04/03/2008|20:32] C:\Program Files\Java
    [12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
    [12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
    [29/02/2008|18:38] C:\Program Files\LimeWire
    [09/02/2008|12:38] C:\Program Files\Logitech
    [17/04/2008|18:05] C:\Program Files\MediaCoder
    [08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [06/05/2007|21:22] C:\Program Files\Microsoft Office
    [04/01/2008|18:52] C:\Program Files\Microsoft Works
    [06/05/2007|21:20] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [18/04/2008|21:06] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [07/01/2008|18:26] C:\Program Files\MSXML 4.0
    [10/05/2008|00:08] C:\Program Files\Navilog1
    [13/01/2008|21:04] C:\Program Files\Neuf
    [30/04/2008|23:21] C:\Program Files\newObjects
    [06/05/2007|21:18] C:\Program Files\NewTech Infosystems
    [13/01/2008|20:50] C:\Program Files\Orange HSS
    [06/05/2008|22:31] C:\Program Files\Paint.NET
    [03/05/2008|13:44] C:\Program Files\PhotoFiltre
    [27/04/2008|20:59] C:\Program Files\Project64 1.6
    [01/03/2008|16:22] C:\Program Files\QuickTime
    [25/02/2008|18:26] C:\Program Files\Real
    [06/05/2007|21:05] C:\Program Files\Realtek
    [16/04/2008|20:42] C:\Program Files\Red Kawa
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [01/05/2008|20:49] C:\Program Files\Replay Converter
    [01/05/2008|20:48] C:\Program Files\Replay Media Catcher
    [26/03/2008|18:03] C:\Program Files\Samsung
    [05/01/2008|18:37] C:\Program Files\Securitoo
    [02/03/2008|23:54] C:\Program Files\Softwin
    [15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
    [10/05/2008|20:29] C:\Program Files\Steam
    [16/04/2008|16:17] C:\Program Files\TmNationsForever
    [09/05/2008|19:42] C:\Program Files\Trend Micro
    [20/04/2008|17:06] C:\Program Files\Ubisoft
    [01/02/2008|00:20] C:\Program Files\Ulead Systems
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [27/02/2008|23:39] C:\Program Files\Video-For-Mobile
    [01/05/2008|20:04] C:\Program Files\VideoLAN
    [27/01/2008|22:50] C:\Program Files\Virtools
    [24/04/2008|23:15] C:\Program Files\VirtualDJ
    [01/03/2008|15:42] C:\Program Files\VistaCodecPack
    [05/01/2008|18:33] C:\Program Files\Wanadoo
    [14/01/2008|22:46] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [10/01/2008|00:42] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [06/01/2008|20:09] C:\Program Files\Windows Live
    [10/04/2008|11:57] C:\Program Files\Windows Mail
    [10/01/2008|00:42] C:\Program Files\Windows Media Player
    [04/01/2008|18:00] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [11/01/2008|00:24] C:\Program Files\Windows Sidebar
    [11/04/2008|12:47] C:\Program Files\WinRAR
    [08/05/2008|13:15] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [06/05/2007|21:23] C:\Program Files\Common Files\Adobe
    [30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
    [06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
    [06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
    [29/02/2008|18:36] C:\Program Files\Common Files\Java
    [06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
    [09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
    [27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
    [06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
    [30/04/2008|23:21] C:\Program Files\Common Files\newObjects
    [06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
    [24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
    [25/02/2008|18:32] C:\Program Files\Common Files\Real
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [24/04/2008|22:14] C:\Program Files\Common Files\Softwin
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [08/05/2008|13:27] C:\Program Files\Common Files\Steam
    [14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
    [10/01/2008|00:42] C:\Program Files\Common Files\System
    [06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 64

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-10 20:30:23
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:19][Doss:5] C:\Users\MAXIMI~1\AppData\Local\Temp
    /!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:3428][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 20:32:28,76 ]----------------------
    10 Mai 2008 20:44:36

    Tu tiens à Eoreozo ..?
    Anonyme
    10 Mai 2008 21:09:08

    non ... :D 
    11 Mai 2008 13:33:49

    Re,

    Désinstalle via Ajout/Suppression de Programmes (si présents) :
  • Eorezo
  • & co

    - Poste de travail/outils/option des dossiers/affichage/afficher les fichiers et dossiers cachés/Appliquer - - > OK
    - Poste de travail/outils/option des dossiers/affichage/décocher masquer les fichiers protégés du système d'exploitation./Appliquer - - > OK

    Tu recocheras après.

    Puis supprime les dossiers correspondants :
  • Dans Programfiles
  • Dans Programfiles\Fichiers communs
  • Dans %allusersprofile%\application data
    ( XP -> C:\Documents and Settings\All users\Application Data,
    Vista -> C:\Users\ton nom\appdata\roaming)
  • Etc ... (Tu peux rechercher les dossiers à supprimer par une recherche Windows [Démarrer\rechercher])

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.

    Supprime C:\ProgramData\ywasvxup.hvs
    Puis poste un nouveau rapport HijackThis.
    Anonyme
    11 Mai 2008 21:37:39

    euh la c'est pour XP .. tu n'aurais pas pour vista
    Anonyme
    11 Mai 2008 22:25:20

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:29:26, on 10/05/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
    O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
    O4 - Startup: Widget GAME ONE.lnk = ?
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://click.getmirar.com (HKLM)
    O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
    O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8572 bytes
    11 Mai 2008 23:44:24

    De quoi qui est pour vista ?!

    Tu dois poster un nouveau rapport HijackThis :) 
    Anonyme
    12 Mai 2008 00:09:29

    bon je refait un rapport
    :D 
    Anonyme
    12 Mai 2008 00:19:29

    HijackThis ne veux plus s'ouvre par " executer en tant qu'administrateur " mais sa a marcher comme sa ./...
    Anonyme
    12 Mai 2008 00:19:38

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:29:26, on 10/05/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
    O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
    O4 - Startup: Widget GAME ONE.lnk = ?
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://click.getmirar.com (HKLM)
    O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
    O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8572 bytes
    12 Mai 2008 11:01:41

    Toujours pas nouveau, tu en fais exprès ? :lol:  :lol: 

    Tu relances HijackThis, puis tu refais "Do a system scan and save a log file" et tu m'envoies le rapport généré.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS