Votre question

blem iexplore non résolu

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Avril 2008 13:39:47

Bonjour,

J'ai un problème avec iexplore. Il en apparait 2 dans le gestionnaire des tâches. J'ai déjà vu des sujets dessus, mais ils ont été marqué comme résolu, alors je ne sais s'il y aura encore du people qui passera dessus, je créer donc un nouveau sujet =P

Pourriez vous m'aider? voici mon hijackthis :



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:27:09, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\Marc jr\autre\antivirus\aswUpdSv.exe
E:\Marc jr\autre\antivirus\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Marc jr\autre\antivirus\ashMaiSv.exe
E:\Marc jr\autre\antivirus\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Marc jr\autre\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.net/reg.srf?xpwiz=true...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\owns extra.exe
O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [avast!] E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Eq free] C:\DOCUME~1\Rebecca\APPLIC~1\ITCH32~1\link loud drv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Marc jr\autre\antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Marc jr\autre\antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashWebSv.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

--
End of file - 7014 bytes



merci d'avance

Autres pages sur : blem iexplore resolu

a b 8 Sécurité
26 Avril 2008 14:47:09

Bonjour,

Télécharge Lop S&D.exe sur ton Bureau.
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
  • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    26 Avril 2008 20:00:34

    J'ai installé LOP S&D
    Mais après l'avoir installé, quand je double clik sur le raccourci sur le bureau, il me met :

    "le lecteur réseau ou la connexion réseau désigné par le raccourci 'LOP S&D.lnk' n'est pas disponible. Vérifiez que le disque est correctement inséré ou que la ressource réseau est disponible, puis recommencez."

    Je l'ai réinstallé à plusieurs reprises déjà...
    Contenus similaires
    26 Avril 2008 20:05:34

    ohh j'ai réglé le problème =D
    alors voici le rapport :


    Rapport lopxpMH2 version 2.0 fait à 20:03:53,92 le 26/04/2008
    C:\Documents and Settings\Rebecca\Bureau\lopxpMH2

    ******************************************
    ## Répertoires Application Data

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\All Users\Application Data

    24/08/2005 20:50 <REP> .
    24/08/2005 20:50 <REP> ..
    10/01/2008 20:13 <REP> Adobe
    17/04/2008 11:02 <REP> Atrise
    21/04/2008 13:26 <REP> AVS4YOU
    24/08/2005 13:55 <REP> CyberLink
    23/04/2008 16:09 <REP> Downloaded Installations
    20/03/2007 23:21 <REP> EPSON
    12/04/2008 16:16 <REP> flag barb cake wipe
    13/04/2008 12:31 <REP> Messenger Plus!
    17/04/2008 22:49 <REP> MGS
    24/04/2008 19:19 <REP> Microgaming
    24/08/2005 20:50 <REP> Microsoft
    18/12/2006 22:42 <REP> MSN6
    18/12/2006 08:36 <REP> Skype
    24/08/2005 14:02 <REP> Symantec
    07/11/2006 18:59 <REP> Windows Genuine Advantage
    12/04/2008 15:50 <REP> WLInstaller
    24/08/2005 20:50 62 desktop.ini
    1 fichier(s) 62 octets
    18 Rép(s) 1 172 803 584 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\Default User\Application Data

    24/08/2005 20:50 <REP> .
    24/08/2005 20:50 <REP> ..
    26/11/2005 08:27 <REP> Adobe
    26/11/2005 08:27 <REP> Identities
    26/11/2005 08:27 <REP> Intel
    24/08/2005 20:50 <REP> Microsoft
    26/11/2005 08:27 <REP> Symantec
    26/11/2005 08:27 871 AdobeDLM.log
    24/08/2005 20:50 62 desktop.ini
    26/11/2005 08:27 0 dm.ini
    3 fichier(s) 933 octets
    7 Rép(s) 1 172 795 392 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

    24/08/2005 20:50 <REP> .
    24/08/2005 20:50 <REP> ..
    26/11/2005 08:27 <REP> Adobe
    26/11/2005 08:27 <REP> Microsoft
    26/11/2005 08:27 13 104 GDIPFONTCACHEV1.DAT
    26/11/2005 08:27 4 284 162 IconCache.db
    2 fichier(s) 4 297 266 octets
    4 Rép(s) 1 172 795 392 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\LocalService\Application Data

    24/08/2005 13:03 <REP> .
    24/08/2005 13:03 <REP> ..
    24/08/2005 13:03 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 1 172 795 392 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

    24/08/2005 13:03 <REP> .
    24/08/2005 13:03 <REP> ..
    24/08/2005 13:03 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 1 172 795 392 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\NetworkService\Application Data

    24/08/2005 13:03 <REP> .
    24/08/2005 13:03 <REP> ..
    24/08/2005 13:03 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 1 172 795 392 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

    24/08/2005 13:03 <REP> .
    24/08/2005 13:03 <REP> ..
    24/08/2005 13:03 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 1 172 791 296 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\Rebecca\Application Data

    26/11/2005 08:29 <REP> .
    26/11/2005 08:29 <REP> ..
    26/11/2005 08:29 <REP> Adobe
    23/12/2006 16:09 <REP> AdobeUM
    17/04/2008 11:02 <REP> Atrise
    21/04/2008 13:26 <REP> AVS4YOU
    26/11/2005 08:29 <REP> Identities
    20/04/2008 19:34 <REP> InstallShield
    26/11/2005 08:29 <REP> Intel
    12/04/2008 16:16 <REP> Itch32Bat
    30/03/2008 14:33 <REP> Lexmark Productivity Studio
    26/11/2005 13:09 <REP> Macromedia
    26/11/2005 08:29 <REP> Microsoft
    26/11/2005 13:03 <REP> Mozilla
    18/12/2006 22:42 <REP> MSN6
    18/12/2006 08:36 <REP> Skype
    18/02/2007 23:57 <REP> Sun
    26/11/2005 08:29 <REP> Symantec
    19/11/2007 12:40 <REP> U3
    26/11/2005 08:29 62 desktop.ini
    12/03/2007 22:42 26 144 GDIPFONTCACHEV1.DAT
    2 fichier(s) 26 206 octets
    19 Rép(s) 1 172 791 296 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Documents and Settings\Rebecca\Local Settings\Application Data

    26/11/2005 08:29 <REP> .
    26/11/2005 08:29 <REP> ..
    26/11/2005 08:29 <REP> Adobe
    04/12/2005 23:39 <REP> Identities
    26/11/2005 08:29 <REP> Microsoft
    29/10/2006 22:13 <REP> Mozilla
    18/02/2007 23:56 <REP> Sun
    12/03/2008 00:01 3 584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    26/11/2005 08:29 26 144 GDIPFONTCACHEV1.DAT
    26/11/2005 08:29 5 355 548 IconCache.db
    3 fichier(s) 5 385 276 octets
    7 Rép(s) 1 172 791 296 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

    24/08/2005 13:02 <REP> .
    24/08/2005 13:02 <REP> ..
    26/11/2005 08:28 <REP> Adobe
    26/11/2005 08:28 <REP> Identities
    26/11/2005 08:28 <REP> Intel
    24/08/2005 13:02 <REP> Microsoft
    26/11/2005 08:28 <REP> Symantec
    26/11/2005 08:28 871 AdobeDLM.log
    24/08/2005 13:02 62 desktop.ini
    26/11/2005 08:28 0 dm.ini
    3 fichier(s) 933 octets
    7 Rép(s) 1 172 791 296 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

    24/08/2005 13:02 <REP> .
    24/08/2005 13:02 <REP> ..
    26/11/2005 08:28 <REP> Adobe
    24/08/2005 14:38 <REP> Microsoft
    26/11/2005 08:28 13 104 GDIPFONTCACHEV1.DAT
    26/11/2005 08:28 4 284 162 IconCache.db
    2 fichier(s) 4 297 266 octets
    4 Rép(s) 1 172 791 296 octets libres

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks


    C:\WINDOWS\Tasks\A8CDF1F8919E6228.job
    s "€!Ø . 9 c : \ d o c u m e ~ 1 \ r e b e c c a \ a p p l i c ~ 1 \ i t c h 3 2 ~ 1 \ e a c h m a p i l o n g . e x e R e b e c c a 0 Ì

    ******************************************
    ## Répertoires de C:\Program Files

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 405B-CA9A

    Répertoire de C:\Program Files

    24/04/2008 20:33 <REP> .
    24/04/2008 20:33 <REP> ..
    24/08/2005 21:49 <REP> Adobe
    24/08/2005 13:19 <REP> AvRack
    21/04/2008 13:30 <REP> AVS4YOU
    21/04/2008 01:32 <REP> Circle Developement
    24/08/2005 12:56 <REP> ComPlus Applications
    26/04/2008 19:55 <REP> CyberLink
    24/08/2005 13:38 <REP> Elantech
    20/03/2007 23:21 <REP> EPSON
    21/04/2008 13:25 <REP> Fichiers communs
    27/11/2005 17:05 <REP> Intel
    17/04/2008 23:06 <REP> Internet Explorer
    12/04/2008 16:16 <REP> Itch32Bat
    21/02/2008 12:52 <REP> Java
    30/03/2008 14:26 <REP> Lexmark 3500-4500 Series
    20/04/2008 19:37 <REP> MarkAny
    12/04/2008 16:09 <REP> Messenger
    12/04/2008 16:16 <REP> Messenger Plus! Live
    13/04/2008 13:23 <REP> Microsoft CAPICOM 2.1.0.2
    24/08/2005 13:00 <REP> microsoft frontpage
    27/11/2005 16:51 <REP> Microsoft Office
    27/11/2005 16:51 <REP> Microsoft Visual Studio
    21/04/2008 12:37 <REP> MIKSOFT
    24/08/2005 14:26 <REP> Movie Maker
    26/04/2008 19:48 <REP> Mozilla Firefox
    12/04/2008 16:09 <REP> MSN
    24/08/2005 12:56 <REP> MSN Gaming Zone
    24/08/2005 14:22 <REP> NetMeeting
    30/11/2005 16:19 <REP> Norton AntiVirus
    24/03/2007 23:22 <REP> Olympus
    21/06/2007 16:50 <REP> Outlook Express
    26/11/2005 12:34 <REP> PowerQuest
    24/08/2005 13:19 <REP> Realtek Sound Manager
    12/04/2008 16:09 <REP> Services en ligne
    18/12/2006 08:36 <REP> Skype
    26/11/2005 12:19 <REP> Symantec
    26/11/2005 12:19 <REP> SymNetDrv
    12/04/2008 16:13 <REP> Windows Live
    22/12/2006 08:15 <REP> Windows Media Connect 2
    21/04/2008 10:46 <REP> Windows Media Player
    24/08/2005 14:22 <REP> Windows NT
    26/11/2005 12:59 <REP> WinRAR
    26/11/2005 12:57 <REP> WinZip
    24/08/2005 13:00 <REP> xerox
    0 fichier(s) 0 octets
    45 Rép(s) 1 172 787 200 octets libres

    ******************************************
    ## Popups autorisées

    * Internet Explorer

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
    host-domain-lookup.com REG_SZ
    www.host-domain-lookup.com REG_SZ
    mysearchnow.com REG_SZ
    www.mysearchnow.com REG_SZ

    * Mozilla Firefox (1 autorisé 2 interdit)

    ---------- C:\DOCUMENTS AND SETTINGS\REBECCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJT9H6ZS.DEFAULT\HOSTPERM.1
    host popup 1 cyworld.nate.com
    host popup 1 www.skyblog.com
    host popup 1 www.gametribe.com

    ******************************************
    ## Registre

    * [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    Cake Wipe Inside Wma REG_SZ C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\owns extra.exe

    * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    Eq free REG_SZ C:\DOCUME~1\Rebecca\APPLIC~1\ITCH32~1\link loud drv.exe

    ******************************************
    ## Zones de sécurité

    * HKCU Domains (4)

    * P3P History (5)

    ******************************************
    ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


    *************** Fin du rapport ****************


    c'est le bon?
    26 Avril 2008 20:12:11

    ahhhh!!!!!!!! pardon pardon pardon
    je me suis trompé :??:  c ke j'avais pas tout compris :( 
    mais tout est réglé :sol:  j'ai trouvé et tout yeah =P
    alors voici le rapport =D



    -----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Rebecca ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 26/04/2008 | 20:07:39,34 ] [ PC : MAMAN ]
    [ MAJ : 26-04-2008 | 11:00 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [10/01/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/04/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atrise
    [21/04/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [24/08/2005|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [24/08/2005|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [23/04/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [20/03/2007|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [12/04/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    [13/04/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/04/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
    [24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
    [13/04/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/12/2006|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [18/12/2006|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [28/11/2005|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [07/11/2006|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [12/04/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/08/2005|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeDLM.log
    [24/08/2005|20:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\dm.ini
    [24/08/2005|13:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [26/11/2005|13:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [24/08/2005|21:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [24/08/2005|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [24/08/2005|12:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/08/2005|12:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [22/04/2008|23:06] C:\DOCUME~1\Rebecca\APPLIC~1\Adobe
    [26/02/2008|16:00] C:\DOCUME~1\Rebecca\APPLIC~1\AdobeUM
    [17/04/2008|11:02] C:\DOCUME~1\Rebecca\APPLIC~1\Atrise
    [21/04/2008|13:26] C:\DOCUME~1\Rebecca\APPLIC~1\AVS4YOU
    [24/08/2005|20:50] C:\DOCUME~1\Rebecca\APPLIC~1\desktop.ini
    [12/03/2007|22:42] C:\DOCUME~1\Rebecca\APPLIC~1\GDIPFONTCACHEV1.DAT
    [24/08/2005|13:04] C:\DOCUME~1\Rebecca\APPLIC~1\Identities
    [20/04/2008|19:34] C:\DOCUME~1\Rebecca\APPLIC~1\InstallShield
    [26/11/2005|13:12] C:\DOCUME~1\Rebecca\APPLIC~1\Intel
    [12/04/2008|16:17] C:\DOCUME~1\Rebecca\APPLIC~1\Itch32Bat
    [30/03/2008|14:33] C:\DOCUME~1\Rebecca\APPLIC~1\Lexmark Productivity Studio
    [26/11/2005|13:09] C:\DOCUME~1\Rebecca\APPLIC~1\Macromedia
    [23/04/2008|19:06] C:\DOCUME~1\Rebecca\APPLIC~1\Microsoft
    [26/11/2005|13:03] C:\DOCUME~1\Rebecca\APPLIC~1\Mozilla
    [23/04/2008|01:04] C:\DOCUME~1\Rebecca\APPLIC~1\MSN6
    [26/04/2008|19:47] C:\DOCUME~1\Rebecca\APPLIC~1\Skype
    [18/02/2007|23:57] C:\DOCUME~1\Rebecca\APPLIC~1\Sun
    [26/11/2005|08:31] C:\DOCUME~1\Rebecca\APPLIC~1\Symantec
    [21/04/2008|18:13] C:\DOCUME~1\Rebecca\APPLIC~1\U3

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [26/04/2008 20:00][--ah-----] C:\WINDOWS\tasks\A8CDF1F8919E6228.job
    [26/04/2008 19:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A8CDF1F8919E6228.job <--> c:\docume~1\rebecca\applic~1\itch32~1\each

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [24/08/2005|21:49] C:\Program Files\Adobe
    [24/08/2005|13:19] C:\Program Files\AvRack
    [21/04/2008|13:30] C:\Program Files\AVS4YOU
    [21/04/2008|01:32] C:\Program Files\Circle Developement
    [24/08/2005|12:56] C:\Program Files\ComPlus Applications
    [26/04/2008|19:55] C:\Program Files\CyberLink
    [24/08/2005|13:38] C:\Program Files\Elantech
    [20/03/2007|23:21] C:\Program Files\EPSON
    [21/04/2008|13:25] C:\Program Files\Fichiers communs
    [20/04/2008|19:36] C:\Program Files\InstallShield Installation Information
    [27/11/2005|17:05] C:\Program Files\Intel
    [17/04/2008|23:06] C:\Program Files\Internet Explorer
    [12/04/2008|16:16] C:\Program Files\Itch32Bat
    [21/02/2008|12:52] C:\Program Files\Java
    [30/03/2008|14:26] C:\Program Files\Lexmark 3500-4500 Series
    [20/04/2008|19:37] C:\Program Files\MarkAny
    [12/04/2008|16:09] C:\Program Files\Messenger
    [12/04/2008|16:16] C:\Program Files\Messenger Plus! Live
    [13/04/2008|13:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [24/08/2005|13:00] C:\Program Files\microsoft frontpage
    [27/11/2005|16:51] C:\Program Files\Microsoft Office
    [27/11/2005|16:51] C:\Program Files\Microsoft Visual Studio
    [21/04/2008|12:37] C:\Program Files\MIKSOFT
    [24/08/2005|14:26] C:\Program Files\Movie Maker
    [26/04/2008|19:48] C:\Program Files\Mozilla Firefox
    [12/04/2008|16:09] C:\Program Files\MSN
    [24/08/2005|12:56] C:\Program Files\MSN Gaming Zone
    [24/08/2005|14:22] C:\Program Files\NetMeeting
    [30/11/2005|16:19] C:\Program Files\Norton AntiVirus
    [24/03/2007|23:22] C:\Program Files\Olympus
    [21/06/2007|16:50] C:\Program Files\Outlook Express
    [26/11/2005|12:34] C:\Program Files\PowerQuest
    [24/08/2005|13:19] C:\Program Files\Realtek Sound Manager
    [12/04/2008|16:09] C:\Program Files\Services en ligne
    [18/12/2006|08:36] C:\Program Files\Skype
    [26/11/2005|12:19] C:\Program Files\Symantec
    [26/11/2005|12:19] C:\Program Files\SymNetDrv
    [24/08/2005|13:04] C:\Program Files\Uninstall Information
    [12/04/2008|16:13] C:\Program Files\Windows Live
    [22/12/2006|08:15] C:\Program Files\Windows Media Connect 2
    [21/04/2008|10:46] C:\Program Files\Windows Media Player
    [24/08/2005|14:22] C:\Program Files\Windows NT
    [24/08/2005|12:56] C:\Program Files\WindowsUpdate
    [26/11/2005|12:59] C:\Program Files\WinRAR
    [26/11/2005|12:57] C:\Program Files\WinZip
    [24/08/2005|13:00] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [26/02/2008|16:00] C:\Program Files\Fichiers communs\Adobe
    [21/04/2008|13:29] C:\Program Files\Fichiers communs\AVSMedia
    [27/11/2005|16:51] C:\Program Files\Fichiers communs\Designer
    [24/08/2005|13:37] C:\Program Files\Fichiers communs\InstallShield
    [18/02/2007|23:56] C:\Program Files\Fichiers communs\Java
    [15/04/2008|19:21] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/08/2005|12:57] C:\Program Files\Fichiers communs\MSSoap
    [24/08/2005|20:51] C:\Program Files\Fichiers communs\ODBC
    [24/08/2005|12:57] C:\Program Files\Fichiers communs\Services
    [18/12/2006|08:36] C:\Program Files\Fichiers communs\Skype
    [24/08/2005|20:51] C:\Program Files\Fichiers communs\SpeechEngines
    [30/11/2005|16:19] C:\Program Files\Fichiers communs\Symantec Shared
    [21/06/2007|16:50] C:\Program Files\Fichiers communs\System
    [12/04/2008|16:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 28

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\Rebecca\LOCALS~1\Temp\bis123.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\owns extra.exe
    C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1
    C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\each mapi long.exe
    C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\flap store second bolt.exe
    C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\link loud drv.exe
    C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\mlukqqrt.exe
    C:\Program Files\itch32~1
    C:\Program Files\Circle Developement
    C:\WINDOWS\Tasks\A8CDF1F8919E6228.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Eq free"="C:\\DOCUME~1\\Rebecca\\APPLIC~1\\ITCH32~1\\link loud drv.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cake Wipe Inside Wma"="C:\\Documents and Settings\\All Users\\Application Data\\flag barb cake wipe\\owns extra.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 20:08:47
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:550][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\Temp
    /!\ [Fich:134][Doss:0] C:\DOCUME~1\Rebecca\Cookies
    /!\ [Fich:4815][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 20:09:37,31 ]----------------------


    j'y comprend rien moi!!! xD
    a b 8 Sécurité
    27 Avril 2008 13:35:57

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    28 Avril 2008 01:14:46

    Re,

    Voici le rapport :



    -----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Rebecca ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 28/04/2008 | 1:10:09,64 ] [ PC : MAMAN ]
    [ MAJ : 26-04-2008 | 11:00 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe\owns extra.exe
    Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\each mapi long.exe
    Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\flap store second bolt.exe
    Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\link loud drv.exe
    Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1\mlukqqrt.exe
    Supprimé! - C:\WINDOWS\Tasks\A8CDF1F8919E6228.job
    Supprimé! - C:\DOCUME~1\Rebecca\LOCALS~1\Temp\bis123.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
    Supprimé! - C:\DOCUME~1\Rebecca\APPLIC~1\itch32~1
    Supprimé! - C:\Program Files\itch32~1
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [10/01/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [17/04/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Atrise
    [21/04/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [24/08/2005|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [24/08/2005|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [23/04/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [20/03/2007|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [13/04/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/04/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
    [24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
    [13/04/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/12/2006|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [18/12/2006|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [28/11/2005|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [07/11/2006|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [12/04/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [24/08/2005|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeDLM.log
    [24/08/2005|20:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [24/08/2005|21:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\dm.ini
    [24/08/2005|13:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [26/11/2005|13:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [24/08/2005|21:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [24/08/2005|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [24/08/2005|12:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/08/2005|12:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [22/04/2008|23:06] C:\DOCUME~1\Rebecca\APPLIC~1\Adobe
    [26/02/2008|16:00] C:\DOCUME~1\Rebecca\APPLIC~1\AdobeUM
    [17/04/2008|11:02] C:\DOCUME~1\Rebecca\APPLIC~1\Atrise
    [21/04/2008|13:26] C:\DOCUME~1\Rebecca\APPLIC~1\AVS4YOU
    [24/08/2005|20:50] C:\DOCUME~1\Rebecca\APPLIC~1\desktop.ini
    [12/03/2007|22:42] C:\DOCUME~1\Rebecca\APPLIC~1\GDIPFONTCACHEV1.DAT
    [24/08/2005|13:04] C:\DOCUME~1\Rebecca\APPLIC~1\Identities
    [20/04/2008|19:34] C:\DOCUME~1\Rebecca\APPLIC~1\InstallShield
    [26/11/2005|13:12] C:\DOCUME~1\Rebecca\APPLIC~1\Intel
    [30/03/2008|14:33] C:\DOCUME~1\Rebecca\APPLIC~1\Lexmark Productivity Studio
    [26/11/2005|13:09] C:\DOCUME~1\Rebecca\APPLIC~1\Macromedia
    [23/04/2008|19:06] C:\DOCUME~1\Rebecca\APPLIC~1\Microsoft
    [26/11/2005|13:03] C:\DOCUME~1\Rebecca\APPLIC~1\Mozilla
    [23/04/2008|01:04] C:\DOCUME~1\Rebecca\APPLIC~1\MSN6
    [28/04/2008|01:06] C:\DOCUME~1\Rebecca\APPLIC~1\Skype
    [18/02/2007|23:57] C:\DOCUME~1\Rebecca\APPLIC~1\Sun
    [26/11/2005|08:31] C:\DOCUME~1\Rebecca\APPLIC~1\Symantec
    [21/04/2008|18:13] C:\DOCUME~1\Rebecca\APPLIC~1\U3

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [28/04/2008 01:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [24/08/2005|21:49] C:\Program Files\Adobe
    [24/08/2005|13:19] C:\Program Files\AvRack
    [21/04/2008|13:30] C:\Program Files\AVS4YOU
    [24/08/2005|12:56] C:\Program Files\ComPlus Applications
    [26/04/2008|19:55] C:\Program Files\CyberLink
    [24/08/2005|13:38] C:\Program Files\Elantech
    [20/03/2007|23:21] C:\Program Files\EPSON
    [21/04/2008|13:25] C:\Program Files\Fichiers communs
    [20/04/2008|19:36] C:\Program Files\InstallShield Installation Information
    [27/11/2005|17:05] C:\Program Files\Intel
    [17/04/2008|23:06] C:\Program Files\Internet Explorer
    [21/02/2008|12:52] C:\Program Files\Java
    [30/03/2008|14:26] C:\Program Files\Lexmark 3500-4500 Series
    [20/04/2008|19:37] C:\Program Files\MarkAny
    [12/04/2008|16:09] C:\Program Files\Messenger
    [12/04/2008|16:16] C:\Program Files\Messenger Plus! Live
    [13/04/2008|13:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [24/08/2005|13:00] C:\Program Files\microsoft frontpage
    [27/11/2005|16:51] C:\Program Files\Microsoft Office
    [27/11/2005|16:51] C:\Program Files\Microsoft Visual Studio
    [21/04/2008|12:37] C:\Program Files\MIKSOFT
    [24/08/2005|14:26] C:\Program Files\Movie Maker
    [28/04/2008|01:08] C:\Program Files\Mozilla Firefox
    [12/04/2008|16:09] C:\Program Files\MSN
    [24/08/2005|12:56] C:\Program Files\MSN Gaming Zone
    [24/08/2005|14:22] C:\Program Files\NetMeeting
    [30/11/2005|16:19] C:\Program Files\Norton AntiVirus
    [24/03/2007|23:22] C:\Program Files\Olympus
    [21/06/2007|16:50] C:\Program Files\Outlook Express
    [26/11/2005|12:34] C:\Program Files\PowerQuest
    [24/08/2005|13:19] C:\Program Files\Realtek Sound Manager
    [12/04/2008|16:09] C:\Program Files\Services en ligne
    [18/12/2006|08:36] C:\Program Files\Skype
    [26/11/2005|12:19] C:\Program Files\Symantec
    [26/11/2005|12:19] C:\Program Files\SymNetDrv
    [24/08/2005|13:04] C:\Program Files\Uninstall Information
    [12/04/2008|16:13] C:\Program Files\Windows Live
    [22/12/2006|08:15] C:\Program Files\Windows Media Connect 2
    [21/04/2008|10:46] C:\Program Files\Windows Media Player
    [24/08/2005|14:22] C:\Program Files\Windows NT
    [24/08/2005|12:56] C:\Program Files\WindowsUpdate
    [26/11/2005|12:59] C:\Program Files\WinRAR
    [26/11/2005|12:57] C:\Program Files\WinZip
    [24/08/2005|13:00] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [26/02/2008|16:00] C:\Program Files\Fichiers communs\Adobe
    [21/04/2008|13:29] C:\Program Files\Fichiers communs\AVSMedia
    [27/11/2005|16:51] C:\Program Files\Fichiers communs\Designer
    [24/08/2005|13:37] C:\Program Files\Fichiers communs\InstallShield
    [18/02/2007|23:56] C:\Program Files\Fichiers communs\Java
    [15/04/2008|19:21] C:\Program Files\Fichiers communs\Microsoft Shared
    [24/08/2005|12:57] C:\Program Files\Fichiers communs\MSSoap
    [24/08/2005|20:51] C:\Program Files\Fichiers communs\ODBC
    [24/08/2005|12:57] C:\Program Files\Fichiers communs\Services
    [18/12/2006|08:36] C:\Program Files\Fichiers communs\Skype
    [24/08/2005|20:51] C:\Program Files\Fichiers communs\SpeechEngines
    [30/11/2005|16:19] C:\Program Files\Fichiers communs\Symantec Shared
    [21/06/2007|16:50] C:\Program Files\Fichiers communs\System
    [12/04/2008|16:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 31

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-28 01:11:48
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:564][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\Temp
    /!\ [Fich:134][Doss:0] C:\DOCUME~1\Rebecca\Cookies
    /!\ [Fich:4815][Doss:8] C:\DOCUME~1\Rebecca\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 1:13:25,17 ]----------------------
    a b 8 Sécurité
    28 Avril 2008 14:12:51

    Reposte un rapport Hijackthis.
    28 Avril 2008 19:45:18

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:44:24, on 28/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    E:\Marc jr\autre\antivirus\aswUpdSv.exe
    E:\Marc jr\autre\antivirus\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    c:\windows\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\Marc jr\autre\antivirus\ashMaiSv.exe
    E:\Marc jr\autre\antivirus\ashWebSv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    E:\Marc jr\autre\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.net/reg.srf?xpwiz=true...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
    O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
    O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    O4 - HKLM\..\Run: [avast!] E:\MARCJR~1\autre\ANTIVI~1\ashDisp.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Marc jr\autre\antivirus\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - E:\Marc jr\autre\antivirus\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - E:\Marc jr\autre\antivirus\ashWebSv.exe
    O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
    O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
    O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

    --
    End of file - 6851 bytes
    29 Avril 2008 10:00:10

    L'est bien Antivir, enfin, je pense =P




    Avira AntiVir Personal
    Report file date: mardi 29 avril 2008 09:10

    Scanning for 1243285 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: MAMAN

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 28/04/2008 20:55:29
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 28/04/2008 20:55:29
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/04/2008 20:55:29
    LUKERES.DLL : 8.1.2.1 12033 Bytes 28/04/2008 20:55:29
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 20:55:30
    ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 20:55:30
    ANTIVIR3.VDF : 7.0.3.224 212992 Bytes 28/04/2008 20:55:30
    Engineversion : 8.1.0.35
    AEVDF.DLL : 8.1.0.5 102772 Bytes 28/04/2008 20:55:30
    AESCRIPT.DLL : 8.1.0.27 233851 Bytes 28/04/2008 20:55:30
    AESCN.DLL : 8.1.0.14 119156 Bytes 28/04/2008 20:55:30
    AERDL.DLL : 8.1.0.20 418165 Bytes 28/04/2008 20:55:30
    AEPACK.DLL : 8.1.1.2 364917 Bytes 28/04/2008 20:55:30
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 28/04/2008 20:55:30
    AEHEUR.DLL : 8.1.0.20 1196406 Bytes 28/04/2008 20:55:30
    AEHELP.DLL : 8.1.0.14 115063 Bytes 28/04/2008 20:55:30
    AEGEN.DLL : 8.1.0.18 299381 Bytes 28/04/2008 20:55:30
    AEEMU.DLL : 8.1.0.5 430450 Bytes 28/04/2008 20:55:30
    AECORE.DLL : 8.1.0.27 168310 Bytes 28/04/2008 20:55:30
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 28/04/2008 20:55:29
    AVPREF.DLL : 8.0.0.1 25857 Bytes 28/04/2008 20:55:29
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVREG.DLL : 8.0.0.0 30977 Bytes 28/04/2008 20:55:29
    AVARKT.DLL : 1.0.0.23 307457 Bytes 28/04/2008 20:55:29
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/04/2008 20:55:29
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 28/04/2008 20:55:29
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 28/04/2008 20:55:29
    NETNT.DLL : 8.0.0.1 7937 Bytes 28/04/2008 20:55:29
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 28/04/2008 20:55:24
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 28/04/2008 20:55:24

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, E:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 29 avril 2008 09:10

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'skypePM.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'Skype.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'MaAgent.exe' - '1' Module(s) have been scanned
    Scan process 'SMSTray.exe' - '1' Module(s) have been scanned
    Scan process 'lxdiamon.exe' - '1' Module(s) have been scanned
    Scan process 'lxdimon.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
    Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
    Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'o2flash.exe' - '1' Module(s) have been scanned
    Scan process 'mdm.exe' - '1' Module(s) have been scanned
    Scan process 'lxdicoms.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    39 processes with 39 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'E:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '31' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP100\A0013514.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '4846cf3f.qua'!
    C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP111\A0019232.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was deleted!
    C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP113\A0019424.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was deleted!
    C:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP113\A0019425.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was deleted!
    Begin scan in 'E:\'
    E:\System Volume Information\_restore{E79C5B59-00CF-433D-9E44-48BFAEFF237E}\RP111\A0019115.INF
    [DETECTION] Is the Trojan horse TR/Agent.123
    [NOTE] The file was deleted!


    End of the scan: mardi 29 avril 2008 09:59
    Used time: 49:02 min

    The scan has been done completely.

    4270 Scanning directories
    248358 Files were scanned
    5 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    4 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    248353 Files not concerned
    6500 Archives were scanned
    1 Warnings
    5 Notes

    a b 8 Sécurité
    29 Avril 2008 12:44:24

    Reposte un rapport Hijackthis.
    30 Avril 2008 01:09:30

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:09:16, on 30/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
    E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
    C:\WINDOWS\system32\lxdicoms.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\o2flash.exe
    c:\windows\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    E:\Marc jr\autre\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://accountservices.passport.net/reg.srf?xpwiz=true...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [\\CompaqPAPA\EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\DOCUME~1\Rebecca\LOCALS~1\Temp\E_S6A.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
    O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
    O4 - HKLM\..\Run: [SMSTray] E:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.averatec.com/
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
    O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
    O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\svchost.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Security Services Internet (winmech) - Unknown owner - C:\WINDOWS\winmech\NTSERV~1\srunner.exe (file missing)

    --
    End of file - 7332 bytes
    a b 8 Sécurité
    30 Avril 2008 15:52:26

    Encore des soucis ?
    1 Mai 2008 00:25:37

    Merci pour ton aide, le PC dont je me suis servi n'a plus de problème, c'est génial, merci beaucoup.

    Maintenant, je suis sur un autre PC, un DELL inspiron 9200. Quand j'allume le PC, il me met :

    "Memory write/read failure at 7FFE0000, read FE19FE11 expecting FE11FE11
    Memory address line failure at 7FFE0000, read FE11FE11 expecting 01010101
    Memory write/read failure at 40000008, read 00E700EF expecting 00EF00EF
    Decreasing available memory
    Strike the F1 key to continue, F2 to run the setup utility"

    Est-ce que c'est un problème de carte mémoire ou d'autres matériels informatique?
    1 Mai 2008 01:07:01

    Sinon, sur ce même ordi, j'ai iexplore qui est aussi apparu T.T
    Je sais pas comment cela se fait!!! o_o
    C'est si étrange...

    Voici le rapport HijackThis :



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:06:09, on 01/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\dvd meet.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Fast Love] C:\DOCUME~1\Marco\APPLIC~1\PLANPA~1\Book Tray.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 4508 bytes




    Désolé si j'ai tellement de problème T.T
    a b 8 Sécurité
    1 Mai 2008 14:19:29

    Refais un scan LopSD option 1 :) 
    3 Mai 2008 00:29:06

    Yes! Voici le rapport de LopSD =D



    -----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 03/05/2008 | 0:15:41,58 ] [ PC : MARCO-DELL ]
    [ MAJ : 30-04-2008 | 18:35 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [30/04/2008|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [01/05/2008|00:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    [30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/04/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/05/2008|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [30/04/2008|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [30/04/2008|18:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [30/04/2008|18:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [30/04/2008|22:07] C:\DOCUME~1\Marco\APPLIC~1\Adobe
    [01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
    [30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
    [30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
    [30/04/2008|18:34] C:\DOCUME~1\Marco\APPLIC~1\Intel
    [30/04/2008|22:09] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
    [01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
    [01/05/2008|02:11] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
    [30/04/2008|22:50] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
    [01/05/2008|00:46] C:\DOCUME~1\Marco\APPLIC~1\PLAN PART
    [30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
    [30/04/2008|18:30] C:\DOCUME~1\Marco\APPLIC~1\U3
    [01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

    [30/04/2008|18:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [01/05/2008 01:46][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [01/05/2008 23:00][--ah-----] C:\WINDOWS\tasks\AE289853918B0897.job
    [03/05/2008 00:10][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [19/08/2004 22:01][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    AE289853918B0897.job <--> c:\docume~1\marco\applic~1\planpa~1\DaleSeekDraw.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [30/04/2008|22:19] C:\Program Files\Ahead
    [30/04/2008|22:09] C:\Program Files\Apoint
    [01/05/2008|01:46] C:\Program Files\Apple Software Update
    [30/04/2008|22:17] C:\Program Files\ATI Technologies
    [30/04/2008|22:59] C:\Program Files\Avira
    [01/05/2008|01:49] C:\Program Files\Bonjour
    [01/05/2008|00:45] C:\Program Files\Circle Developement
    [30/04/2008|17:57] C:\Program Files\ComPlus Applications
    [01/05/2008|01:45] C:\Program Files\Fichiers communs
    [01/05/2008|01:33] C:\Program Files\InstallShield Installation Information
    [30/04/2008|18:33] C:\Program Files\Intel
    [01/05/2008|00:04] C:\Program Files\Internet Explorer
    [01/05/2008|01:49] C:\Program Files\iPod
    [01/05/2008|00:03] C:\Program Files\Messenger
    [01/05/2008|00:45] C:\Program Files\Messenger Plus! Live
    [30/04/2008|18:02] C:\Program Files\microsoft frontpage
    [30/04/2008|17:58] C:\Program Files\Movie Maker
    [03/05/2008|00:13] C:\Program Files\Mozilla Firefox
    [30/04/2008|17:55] C:\Program Files\MSN
    [30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
    [01/05/2008|23:01] C:\Program Files\MSXML 6.0
    [30/04/2008|17:58] C:\Program Files\NetMeeting
    [30/04/2008|17:56] C:\Program Files\Online Services
    [01/05/2008|00:02] C:\Program Files\Outlook Express
    [01/05/2008|00:46] C:\Program Files\PLAN PART
    [30/04/2008|17:59] C:\Program Files\Services en ligne
    [30/04/2008|22:10] C:\Program Files\SigmaTel
    [01/05/2008|01:05] C:\Program Files\Trend Micro
    [30/04/2008|18:17] C:\Program Files\Uninstall Information
    [01/05/2008|02:11] C:\Program Files\Western Digital Technologies
    [01/05/2008|00:43] C:\Program Files\Windows Live
    [01/05/2008|00:02] C:\Program Files\Windows Media Player
    [30/04/2008|17:56] C:\Program Files\Windows NT
    [30/04/2008|18:00] C:\Program Files\WindowsUpdate
    [30/04/2008|18:02] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [30/04/2008|22:19] C:\Program Files\Fichiers communs\Ahead
    [01/05/2008|01:45] C:\Program Files\Fichiers communs\Apple
    [01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
    [01/05/2008|00:40] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
    [30/04/2008|19:48] C:\Program Files\Fichiers communs\ODBC
    [30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
    [30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
    [01/05/2008|00:02] C:\Program Files\Fichiers communs\System
    [01/05/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 46

    IEXPLORE.EXE ~ [408]
    IEXPLORE.EXE ~ [2556]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\Marco\LOCALS~1\Temp\bis39.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\dvd meet.exe
    C:\DOCUME~1\Marco\APPLIC~1\planpa~1
    C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
    C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
    C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hgscwgnl.exe
    C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
    C:\Program Files\planpa~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Tasks\AE289853918B0897.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Fast Love"="C:\\DOCUME~1\\Marco\\APPLIC~1\\PLANPA~1\\Book Tray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\dvd meet.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-03 00:23:10
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\WINDOWS\System32\drivers\etc\hosts.xpz 0 bytes
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:207][Doss:39] C:\DOCUME~1\Marco\LOCALS~1\Temp
    /!\ [Fich:39][Doss:0] C:\DOCUME~1\Marco\Cookies
    /!\ [Fich:821][Doss:4] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 0:26:40,56 ]----------------------
    a b 8 Sécurité
    3 Mai 2008 13:47:17

    Relance l'option 2.
    3 Mai 2008 14:42:46

    C fait =]



    -----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 03/05/2008 | 14:39:16,38 ] [ PC : MARCO-DELL ]
    [ MAJ : 30-04-2008 | 18:35 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\dvd meet.exe
    Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
    Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
    Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hgscwgnl.exe
    Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Tasks\AE289853918B0897.job
    Supprimé! - C:\DOCUME~1\Marco\LOCALS~1\Temp\bis39.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1
    Supprimé! - C:\Program Files\planpa~1
    Supprimé! - C:\Program Files\Circle Developement

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [30/04/2008|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/04/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/05/2008|00:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [01/05/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [30/04/2008|18:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [30/04/2008|18:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [30/04/2008|22:07] C:\DOCUME~1\Marco\APPLIC~1\Adobe
    [01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
    [30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
    [30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
    [30/04/2008|18:34] C:\DOCUME~1\Marco\APPLIC~1\Intel
    [30/04/2008|22:09] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
    [01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
    [01/05/2008|02:11] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
    [30/04/2008|22:50] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
    [30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
    [30/04/2008|18:30] C:\DOCUME~1\Marco\APPLIC~1\U3
    [01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

    [30/04/2008|18:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
    [30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [01/05/2008 01:46][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/05/2008 13:39][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [19/08/2004 22:01][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [30/04/2008|22:19] C:\Program Files\Ahead
    [30/04/2008|22:09] C:\Program Files\Apoint
    [01/05/2008|01:46] C:\Program Files\Apple Software Update
    [30/04/2008|22:17] C:\Program Files\ATI Technologies
    [30/04/2008|22:59] C:\Program Files\Avira
    [01/05/2008|01:49] C:\Program Files\Bonjour
    [30/04/2008|17:57] C:\Program Files\ComPlus Applications
    [01/05/2008|01:45] C:\Program Files\Fichiers communs
    [01/05/2008|01:33] C:\Program Files\InstallShield Installation Information
    [30/04/2008|18:33] C:\Program Files\Intel
    [01/05/2008|00:04] C:\Program Files\Internet Explorer
    [01/05/2008|01:49] C:\Program Files\iPod
    [01/05/2008|00:03] C:\Program Files\Messenger
    [01/05/2008|00:45] C:\Program Files\Messenger Plus! Live
    [30/04/2008|18:02] C:\Program Files\microsoft frontpage
    [30/04/2008|17:58] C:\Program Files\Movie Maker
    [03/05/2008|14:38] C:\Program Files\Mozilla Firefox
    [30/04/2008|17:55] C:\Program Files\MSN
    [30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
    [01/05/2008|23:01] C:\Program Files\MSXML 6.0
    [30/04/2008|17:58] C:\Program Files\NetMeeting
    [30/04/2008|17:56] C:\Program Files\Online Services
    [01/05/2008|00:02] C:\Program Files\Outlook Express
    [30/04/2008|17:59] C:\Program Files\Services en ligne
    [30/04/2008|22:10] C:\Program Files\SigmaTel
    [01/05/2008|01:05] C:\Program Files\Trend Micro
    [30/04/2008|18:17] C:\Program Files\Uninstall Information
    [01/05/2008|02:11] C:\Program Files\Western Digital Technologies
    [01/05/2008|00:43] C:\Program Files\Windows Live
    [01/05/2008|00:02] C:\Program Files\Windows Media Player
    [30/04/2008|17:56] C:\Program Files\Windows NT
    [30/04/2008|18:00] C:\Program Files\WindowsUpdate
    [30/04/2008|18:02] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [30/04/2008|22:19] C:\Program Files\Fichiers communs\Ahead
    [01/05/2008|01:45] C:\Program Files\Fichiers communs\Apple
    [01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
    [01/05/2008|00:40] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
    [30/04/2008|19:48] C:\Program Files\Fichiers communs\ODBC
    [30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
    [30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
    [01/05/2008|00:02] C:\Program Files\Fichiers communs\System
    [01/05/2008|00:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 40

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-03 14:41:22
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:206][Doss:40] C:\DOCUME~1\Marco\LOCALS~1\Temp
    /!\ [Fich:67][Doss:0] C:\DOCUME~1\Marco\Cookies
    /!\ [Fich:1468][Doss:4] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 14:41:48,09 ]----------------------
    a b 8 Sécurité
    3 Mai 2008 16:04:44

    Reposte un rapport Hijackthis.
    3 Mai 2008 17:27:43

    Voici le rapport HijackThis


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:27:06, on 03/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
    E:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HerculesCamService] E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SuperCopier2.exe] E:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 5782 bytes
    a b 8 Sécurité
    3 Mai 2008 18:05:26

    Encore des problèmes ?
    4 Mai 2008 19:52:38

    Et bien oui... Je suis sur un autre pc, encore une fois.
    Voici son rapport HijackThis :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:52:24, on 04/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
    O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 5789 bytes
    4 Mai 2008 19:56:29

    Et au cas où t'en aurais déjà besoin, voici un rapport LopSD



    -----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : baoul ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 04/05/2008 | 19:53:26,91 ] [ PC : XPSP2-5067F86E7 ]
    [ MAJ : 04-05-2008 | 14:40 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [15/04/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [06/04/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [06/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/04/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [12/04/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [29/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [07/04/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [13/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [28/04/2008|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
    [06/04/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [06/04/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Adobe
    [15/04/2008|10:44] C:\DOCUME~1\baoul\APPLIC~1\Ahead
    [15/04/2008|08:31] C:\DOCUME~1\baoul\APPLIC~1\Apple Computer
    [06/04/2008|19:38] C:\DOCUME~1\baoul\APPLIC~1\desktop.ini
    [28/04/2008|03:03] C:\DOCUME~1\baoul\APPLIC~1\GLUE SAVE
    [06/04/2008|17:58] C:\DOCUME~1\baoul\APPLIC~1\Identities
    [06/04/2008|18:59] C:\DOCUME~1\baoul\APPLIC~1\Lavasoft
    [30/04/2008|21:45] C:\DOCUME~1\baoul\APPLIC~1\LimeWire
    [11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Macromedia
    [30/04/2008|23:43] C:\DOCUME~1\baoul\APPLIC~1\MeuhMeuhTV
    [07/04/2008|11:58] C:\DOCUME~1\baoul\APPLIC~1\Microsoft
    [06/04/2008|19:43] C:\DOCUME~1\baoul\APPLIC~1\Mozilla
    [04/05/2008|19:25] C:\DOCUME~1\baoul\APPLIC~1\OpenOffice.org2
    [29/04/2008|00:21] C:\DOCUME~1\baoul\APPLIC~1\Samsung
    [06/04/2008|21:33] C:\DOCUME~1\baoul\APPLIC~1\Sun
    [04/05/2008|19:32] C:\DOCUME~1\baoul\APPLIC~1\U3
    [30/04/2008|22:34] C:\DOCUME~1\baoul\APPLIC~1\vlc
    [06/04/2008|19:47] C:\DOCUME~1\baoul\APPLIC~1\WinRAR

    [06/04/2008|19:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [06/04/2008|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [06/04/2008|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/04/2008|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [01/05/2008 23:00][--ah-----] C:\WINDOWS\tasks\A662B21F91852A8F.job
    [07/04/2008 08:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [04/05/2008 19:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A662B21F91852A8F.job <--> c:\docume~1\baoul\applic~1\gluesa~1\onetimepart.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [01/05/2008|18:59] C:\Program Files\adslTV
    [15/04/2008|08:39] C:\Program Files\Ahead
    [06/04/2008|18:24] C:\Program Files\Analog Devices
    [06/04/2008|19:01] C:\Program Files\Apple Software Update
    [06/04/2008|18:28] C:\Program Files\ATI Technologies
    [06/04/2008|19:01] C:\Program Files\Bonjour
    [06/04/2008|18:52] C:\Program Files\Circle Developement
    [12/04/2008|22:54] C:\Program Files\Common Files
    [06/04/2008|17:45] C:\Program Files\ComPlus Applications
    [06/04/2008|20:12] C:\Program Files\CursorXP
    [12/04/2008|11:03] C:\Program Files\DivX
    [01/05/2008|00:33] C:\Program Files\DMV
    [28/04/2008|11:28] C:\Program Files\eMule
    [28/04/2008|23:55] C:\Program Files\Fichiers communs
    [28/04/2008|03:02] C:\Program Files\GLUE SAVE
    [12/04/2008|22:56] C:\Program Files\gPotato.eu
    [29/04/2008|00:11] C:\Program Files\InstallShield Installation Information
    [10/04/2008|03:02] C:\Program Files\Internet Explorer
    [06/04/2008|18:23] C:\Program Files\InterVideo
    [06/04/2008|19:02] C:\Program Files\iPod
    [06/04/2008|19:02] C:\Program Files\iTunes
    [06/04/2008|22:28] C:\Program Files\Java
    [30/04/2008|23:01] C:\Program Files\K!TV
    [30/04/2008|22:16] C:\Program Files\KSS
    [06/04/2008|18:22] C:\Program Files\Lavasoft
    [14/04/2008|22:25] C:\Program Files\LimeWire
    [06/04/2008|18:52] C:\Program Files\Messenger Plus! Live
    [30/04/2008|23:06] C:\Program Files\MeuhMeuhTV Alpha
    [06/04/2008|17:50] C:\Program Files\microsoft frontpage
    [06/04/2008|19:57] C:\Program Files\Movie Maker
    [04/05/2008|19:48] C:\Program Files\Mozilla Firefox
    [06/04/2008|17:50] C:\Program Files\msn gaming zone
    [30/04/2008|09:17] C:\Program Files\MSXML 4.0
    [06/04/2008|17:50] C:\Program Files\netmeeting
    [06/04/2008|21:38] C:\Program Files\OpenOffice.org 2.4
    [06/04/2008|19:57] C:\Program Files\Outlook Express
    [01/05/2008|18:13] C:\Program Files\PeerTV
    [06/04/2008|19:01] C:\Program Files\QuickTime
    [28/04/2008|23:56] C:\Program Files\Samsung
    [06/04/2008|17:47] C:\Program Files\Services en ligne
    [14/04/2008|21:50] C:\Program Files\Soulseek-Test
    [06/04/2008|20:12] C:\Program Files\SuperCopier2
    [06/04/2008|18:27] C:\Program Files\swsetup
    [04/05/2008|19:52] C:\Program Files\Trend Micro
    [06/04/2008|17:58] C:\Program Files\Uninstall Information
    [06/04/2008|18:51] C:\Program Files\Windows Live
    [28/04/2008|11:30] C:\Program Files\Windows Media Connect 2
    [28/04/2008|16:14] C:\Program Files\Windows Media Player
    [06/04/2008|17:50] C:\Program Files\Windows NT
    [06/04/2008|17:47] C:\Program Files\WindowsUpdate
    [06/04/2008|19:47] C:\Program Files\WinRAR
    [06/04/2008|17:50] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [29/04/2008|00:11] C:\Program Files\Fichiers communs\Adobe
    [15/04/2008|08:37] C:\Program Files\Fichiers communs\Ahead
    [06/04/2008|19:00] C:\Program Files\Fichiers communs\Apple
    [12/04/2008|13:25] C:\Program Files\Fichiers communs\InstallShield
    [06/04/2008|21:34] C:\Program Files\Fichiers communs\Java
    [06/04/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/04/2008|17:46] C:\Program Files\Fichiers communs\MSSoap
    [06/04/2008|19:39] C:\Program Files\Fichiers communs\ODBC
    [06/04/2008|17:46] C:\Program Files\Fichiers communs\Services
    [06/04/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
    [06/04/2008|19:32] C:\Program Files\Fichiers communs\System
    [06/04/2008|18:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 36

    iexplore.exe ~ [580]
    iexplore.exe ~ [1136]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle\base camp.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\ErrorMp3AboutAce.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\fvjyzupl.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\ilzozvfq.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\MoreOpenMail.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\onetimepart.exe
    C:\DOCUME~1\baoul\APPLIC~1\gluesa~1\twolqwvz.exe
    C:\Program Files\gluesa~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Tasks\A662B21F91852A8F.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "soft enc"="C:\\DOCUME~1\\baoul\\APPLIC~1\\GLUESA~1\\MoreOpenMail.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Boob Idle Software Acid"="C:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\Build Flap.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE


    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-04 19:54:52
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:255][Doss:23] C:\DOCUME~1\baoul\LOCALS~1\Temp
    /!\ [Fich:127][Doss:0] C:\DOCUME~1\baoul\Cookies
    /!\ [Fich:2118][Doss:4] C:\DOCUME~1\baoul\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:55:38,41 ]----------------------


    Merci Beaucoup d'avance!!!
    a b 8 Sécurité
    4 Mai 2008 21:43:29

    Option 2 maintenant.
    6 Mai 2008 12:29:32


    -----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : baoul ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 05/05/2008 | 23:02:21,41 ] [ PC : XPSP2-5067F86E7 ]
    [ MAJ : 04-05-2008 | 14:40 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\baoul\APPLIC~1\gluesa~1

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [15/04/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [06/04/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [06/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/04/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [12/04/2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [29/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [07/04/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [13/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/04/2008|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [06/04/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Adobe
    [15/04/2008|10:44] C:\DOCUME~1\baoul\APPLIC~1\Ahead
    [15/04/2008|08:31] C:\DOCUME~1\baoul\APPLIC~1\Apple Computer
    [06/04/2008|19:38] C:\DOCUME~1\baoul\APPLIC~1\desktop.ini
    [06/04/2008|17:58] C:\DOCUME~1\baoul\APPLIC~1\Identities
    [06/04/2008|18:59] C:\DOCUME~1\baoul\APPLIC~1\Lavasoft
    [04/05/2008|20:26] C:\DOCUME~1\baoul\APPLIC~1\LimeWire
    [04/05/2008|20:07] C:\DOCUME~1\baoul\APPLIC~1\ma-config.com
    [11/04/2008|09:45] C:\DOCUME~1\baoul\APPLIC~1\Macromedia
    [30/04/2008|23:43] C:\DOCUME~1\baoul\APPLIC~1\MeuhMeuhTV
    [07/04/2008|11:58] C:\DOCUME~1\baoul\APPLIC~1\Microsoft
    [06/04/2008|19:43] C:\DOCUME~1\baoul\APPLIC~1\Mozilla
    [05/05/2008|22:04] C:\DOCUME~1\baoul\APPLIC~1\OpenOffice.org2
    [29/04/2008|00:21] C:\DOCUME~1\baoul\APPLIC~1\Samsung
    [06/04/2008|21:33] C:\DOCUME~1\baoul\APPLIC~1\Sun
    [04/05/2008|19:32] C:\DOCUME~1\baoul\APPLIC~1\U3
    [30/04/2008|22:34] C:\DOCUME~1\baoul\APPLIC~1\vlc
    [06/04/2008|19:47] C:\DOCUME~1\baoul\APPLIC~1\WinRAR

    [06/04/2008|19:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [06/04/2008|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [06/04/2008|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/04/2008|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [07/04/2008 08:30][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [05/05/2008 22:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [01/05/2008|18:59] C:\Program Files\adslTV
    [15/04/2008|08:39] C:\Program Files\Ahead
    [06/04/2008|18:24] C:\Program Files\Analog Devices
    [06/04/2008|19:01] C:\Program Files\Apple Software Update
    [06/04/2008|18:28] C:\Program Files\ATI Technologies
    [06/04/2008|19:01] C:\Program Files\Bonjour
    [12/04/2008|22:54] C:\Program Files\Common Files
    [06/04/2008|17:45] C:\Program Files\ComPlus Applications
    [06/04/2008|20:12] C:\Program Files\CursorXP
    [12/04/2008|11:03] C:\Program Files\DivX
    [01/05/2008|00:33] C:\Program Files\DMV
    [28/04/2008|11:28] C:\Program Files\eMule
    [28/04/2008|23:55] C:\Program Files\Fichiers communs
    [12/04/2008|22:56] C:\Program Files\gPotato.eu
    [29/04/2008|00:11] C:\Program Files\InstallShield Installation Information
    [10/04/2008|03:02] C:\Program Files\Internet Explorer
    [06/04/2008|18:23] C:\Program Files\InterVideo
    [06/04/2008|19:02] C:\Program Files\iPod
    [06/04/2008|19:02] C:\Program Files\iTunes
    [06/04/2008|22:28] C:\Program Files\Java
    [30/04/2008|23:01] C:\Program Files\K!TV
    [30/04/2008|22:16] C:\Program Files\KSS
    [06/04/2008|18:22] C:\Program Files\Lavasoft
    [14/04/2008|22:25] C:\Program Files\LimeWire
    [04/05/2008|20:07] C:\Program Files\ma-config.com
    [06/04/2008|18:52] C:\Program Files\Messenger Plus! Live
    [30/04/2008|23:06] C:\Program Files\MeuhMeuhTV Alpha
    [06/04/2008|17:50] C:\Program Files\microsoft frontpage
    [06/04/2008|19:57] C:\Program Files\Movie Maker
    [05/05/2008|22:15] C:\Program Files\Mozilla Firefox
    [06/04/2008|17:50] C:\Program Files\msn gaming zone
    [30/04/2008|09:17] C:\Program Files\MSXML 4.0
    [06/04/2008|17:50] C:\Program Files\netmeeting
    [06/04/2008|21:38] C:\Program Files\OpenOffice.org 2.4
    [06/04/2008|19:57] C:\Program Files\Outlook Express
    [01/05/2008|18:13] C:\Program Files\PeerTV
    [06/04/2008|19:01] C:\Program Files\QuickTime
    [28/04/2008|23:56] C:\Program Files\Samsung
    [06/04/2008|17:47] C:\Program Files\Services en ligne
    [14/04/2008|21:50] C:\Program Files\Soulseek-Test
    [06/04/2008|20:12] C:\Program Files\SuperCopier2
    [06/04/2008|18:27] C:\Program Files\swsetup
    [04/05/2008|19:52] C:\Program Files\Trend Micro
    [06/04/2008|17:58] C:\Program Files\Uninstall Information
    [06/04/2008|18:51] C:\Program Files\Windows Live
    [28/04/2008|11:30] C:\Program Files\Windows Media Connect 2
    [28/04/2008|16:14] C:\Program Files\Windows Media Player
    [06/04/2008|17:50] C:\Program Files\Windows NT
    [06/04/2008|17:47] C:\Program Files\WindowsUpdate
    [06/04/2008|19:47] C:\Program Files\WinRAR
    [06/04/2008|17:50] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [29/04/2008|00:11] C:\Program Files\Fichiers communs\Adobe
    [15/04/2008|08:37] C:\Program Files\Fichiers communs\Ahead
    [06/04/2008|19:00] C:\Program Files\Fichiers communs\Apple
    [12/04/2008|13:25] C:\Program Files\Fichiers communs\InstallShield
    [06/04/2008|21:34] C:\Program Files\Fichiers communs\Java
    [06/04/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/04/2008|17:46] C:\Program Files\Fichiers communs\MSSoap
    [06/04/2008|19:39] C:\Program Files\Fichiers communs\ODBC
    [06/04/2008|17:46] C:\Program Files\Fichiers communs\Services
    [06/04/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
    [06/04/2008|19:32] C:\Program Files\Fichiers communs\System
    [06/04/2008|18:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 37

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-05 23:04:01
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:272][Doss:24] C:\DOCUME~1\baoul\LOCALS~1\Temp
    /!\ [Fich:127][Doss:0] C:\DOCUME~1\baoul\Cookies
    /!\ [Fich:2171][Doss:4] C:\DOCUME~1\baoul\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 23:04:31,39 ]----------------------

    6 Mai 2008 12:30:47

    Et enfin le rapport HijackThis :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:05:23, on 05/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
    O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 5770 bytes

    a b 8 Sécurité
    6 Mai 2008 18:30:50

    Un nouveau rapport Hijackthis :) 
    7 Mai 2008 23:13:09

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:35:56, on 07/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
    O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 5817 bytes

    a b 8 Sécurité
    9 Mai 2008 12:58:55

    Re,

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\Build Flap.exe
    O4 - HKCU\..\Run: [soft enc] C:\DOCUME~1\baoul\APPLIC~1\GLUESA~1\MoreOpenMail.exe

    Refais un scan LopSD option 1.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS