The CiD are attacking me, again and again

27 March 2008 17:37:21

Hello, I have followed various threads about the CiD

I downloaded HijackThis as was written

Please help me win the battle against the CiD, it's unbearable, I can't take it anymore

Here is my report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:23, on 27/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.miely.free.fr/google_chti/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [nounfive] "C:\ProgramData\HTM EACH EACH.i66oan"
O4 - HKCU\..\Run: [Store file readme bash] "C:\ProgramData\roam anti mp3.0onbr4j"
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\JOETPAM\AppData\Local\Temp\mljjg.dll,c
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BM57970e7b] Rundll32.exe "C:\Users\JOETPAM\AppData\Local\Temp\gjwtwdmd.dll",s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: 108Mbps Wireless Network USB Dongle Configuration Utility.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Reg.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: CANALPLAY Installer - http://www.canalplay.com/cabs/CanalInstaller.CAB
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joetpam.spaces.live.com/PhotoUpload/VistaMsnPUpl...
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 10333 bytes

27 March 2008 17:42:02

In case it helps, I am running Windows Vista

27 March 2008 17:52:36

Hi,

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)
    (If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

N.B.: There are apparently other infections too; we'll clean everything up :super:
27 March 2008 17:54:37

Other infections?!!! You're scaring me! I'm doing everything you just told me right away!

27 March 2008 18:08:13

Oh dear! I did as you told me, it asked me to open it as administrator and my PC shut down

It restarted with Lop S&D, which made my PC lag badly

And here is the log:




    -----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : JOETPAM ] [ "C:\Lop SD" ]
    [ 27/03/2008 | 18:00:02,65 ] [ PC : PC-DE-JOETPAM ]
    [ MAJ : 26-03-2008 | 13:15 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Linguistics
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Flash Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Acrobat
    [06/04/2007|16:27] C:\Users\JOETPAM\AppData\Roaming\Adobe\ESD

    [06/04/2007|16:22] C:\Users\JOETPAM\AppData\Roaming\AdobeUM\..
    [06/04/2007|16:22] C:\Users\JOETPAM\AppData\Roaming\AdobeUM\.

    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\..
    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\ACE
    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\.

    [26/03/2008|08:55] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000106.log
    [26/03/2008|08:08] C:\Users\JOETPAM\AppData\Roaming\AVG7\sched-0002.cfg
    [26/03/2008|08:00] C:\Users\JOETPAM\AppData\Roaming\AVG7\..
    [26/03/2008|08:00] C:\Users\JOETPAM\AppData\Roaming\AVG7\.
    [26/03/2008|08:00] C:\Users\JOETPAM\AppData\Roaming\AVG7\log.idx
    [26/03/2008|08:00] C:\Users\JOETPAM\AppData\Roaming\AVG7\sched-0001.cfg
    [25/03/2008|09:03] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000105.log
    [24/03/2008|10:44] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000104.log
    [24/03/2008|00:04] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000103.log
    [21/03/2008|21:17] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000102.log
    [20/03/2008|08:10] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000101.log
    [19/03/2008|22:12] C:\Users\JOETPAM\AppData\Roaming\AVG7\user-0000.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0013.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0012.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0011.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0009.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0008.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0007.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0006.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0005.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0004.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0003.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0002.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0001.cfg

    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\..
    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\Clive Barker's Jericho Demo
    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\PowerDVD
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\MediaCache
    [16/01/2008|20:42] C:\Users\JOETPAM\AppData\Roaming\CyberLink\PowerCinema

    [20/03/2008|18:00] C:\Users\JOETPAM\AppData\Roaming\DivX\DivX Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\DivX\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\DivX\.
    [17/05/2007|19:20] C:\Users\JOETPAM\AppData\Roaming\DivX\DivX Codec

    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\Channel
    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\..
    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\EoWeather
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\eoStats
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\eoDesktop
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\db
    [06/01/2008|13:46] C:\Users\JOETPAM\AppData\Roaming\EoRezo\user.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\EoWeather.cfg
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\ConfMedia.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\cmhost.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\host.cyp
    [15/06/2007|08:03] C:\Users\JOETPAM\AppData\Roaming\EoRezo\towns.cfg

    [25/03/2008|05:15] C:\Users\JOETPAM\AppData\Roaming\Google\Local Search History
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\GoogleEarth
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\.

    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\G‚n‚atique2007\..
    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\G‚n‚atique2007\DescriptifStandard.zip
    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\G‚n‚atique2007\.

    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\..
    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\{72DB74A9-4484-49E6-B42E-D0ED59B6B8DE}
    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Identities\{38A8BE47-BDA4-4F88-9C48-34947E7A222A}

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\InstallShield\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\InstallShield\.
    [07/01/2008|10:03] C:\Users\JOETPAM\AppData\Roaming\InstallShield\ISEngine12.0

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV3DCube
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV2D
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV

    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\SetPoint
    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\..
    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\Flash Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\.

    [02/11/2006|13:37] C:\Users\JOETPAM\AppData\Roaming\Media Center Programs\..
    [02/11/2006|13:37] C:\Users\JOETPAM\AppData\Roaming\Media Center Programs\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\.
    [17/01/2008|17:22] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\default.mpcpl

    [19/03/2008|21:55] C:\Users\JOETPAM\AppData\Roaming\Microsoft\..
    [19/03/2008|21:55] C:\Users\JOETPAM\AppData\Roaming\Microsoft\.
    [10/03/2008|17:14] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Installer
    [10/03/2008|13:36] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows Photo Gallery
    [07/03/2008|15:24] C:\Users\JOETPAM\AppData\Roaming\Microsoft\MMC
    [29/02/2008|19:14] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows Live Call
    [24/02/2008|18:06] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows
    [09/02/2008|14:50] C:\Users\JOETPAM\AppData\Roaming\Microsoft\MSN Messenger
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Internet Explorer
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Crypto
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\SystemCertificates
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\network
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Speech
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Protect
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\IdentityCRL
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\HTML Help
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\eHome
    [02/01/2008|16:38] C:\Users\JOETPAM\AppData\Roaming\Microsoft\LastFlashConfig.WFC
    [03/04/2007|16:41] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Credentials

    [13/03/2008|15:39] C:\Users\JOETPAM\AppData\Roaming\Mozilla\pluginreg.dat
    [07/03/2008|15:57] C:\Users\JOETPAM\AppData\Roaming\Mozilla\..
    [07/03/2008|15:57] C:\Users\JOETPAM\AppData\Roaming\Mozilla\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Mozilla\Firefox

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\Sid Meier's Civilization 4
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\Spyware Doctor
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\.

    [04/04/2007|17:01] C:\Users\JOETPAM\AppData\Roaming\SampleView\..
    [04/04/2007|17:01] C:\Users\JOETPAM\AppData\Roaming\SampleView\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\PaperPort
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\.
    [13/05/2007|14:50] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\titecrotte666@hotmail.fr
    [13/05/2007|14:47] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\pamelade@hotmail.fr
    [13/05/2007|14:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\joetpam@hotmail.fr

    [13/03/2008|15:47] C:\Users\JOETPAM\AppData\Roaming\SecondLife\logs
    [13/03/2008|15:47] C:\Users\JOETPAM\AppData\Roaming\SecondLife\degueldre_pamela
    [13/03/2008|15:41] C:\Users\JOETPAM\AppData\Roaming\SecondLife\browser_profile
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\user_settings
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\.
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\..
    [13/03/2008|15:38] C:\Users\JOETPAM\AppData\Roaming\SecondLife\cache
    [13/03/2008|15:29] C:\Users\JOETPAM\AppData\Roaming\SecondLife\avro_joetpam
    [13/03/2008|15:19] C:\Users\JOETPAM\AppData\Roaming\SecondLife\avro_melapa
    [10/03/2008|13:53] C:\Users\JOETPAM\AppData\Roaming\SecondLife\renard_alibiba
    [10/03/2008|13:51] C:\Users\JOETPAM\AppData\Roaming\SecondLife\alibiba_renard
    [07/03/2008|16:07] C:\Users\JOETPAM\AppData\Roaming\SecondLife\severin_johan

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\MozillaOrg
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\.

    [04/01/2008|20:07] C:\Users\JOETPAM\AppData\Roaming\Todae\..
    [04/01/2008|20:07] C:\Users\JOETPAM\AppData\Roaming\Todae\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\cache
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\.
    [06/01/2008|12:28] C:\Users\JOETPAM\AppData\Roaming\vlc\vlcrc

    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\winamp.ini
    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\winamp.m3u
    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.m3u8
    [24/03/2008|22:49] C:\Users\JOETPAM\AppData\Roaming\Winamp\studio.xnf
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\Plugins
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\.
    [21/01/2008|15:03] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.pic
    [21/01/2008|14:04] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.bm
    [06/01/2008|14:54] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.q1
    [14/09/2005|20:17] C:\Users\JOETPAM\AppData\Roaming\Winamp\demo.mp3

    [24/01/2008|18:25] C:\Users\JOETPAM\AppData\Roaming\WinRAR\..
    [24/01/2008|18:25] C:\Users\JOETPAM\AppData\Roaming\WinRAR\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\Companion
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\.

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [27/03/2008 02:53][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1A66994B-7405-4A42-B23C-1A8E6ED77982}.job
    [03/01/2008 10:14][--a------] C:\Windows\tasks\Norton Security Scan.job
    [27/03/2008 17:59][--ah-----] C:\Windows\tasks\SA.DAT
    [27/03/2008 17:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [19/03/2008|21:56] C:\ProgramData\.
    [19/03/2008|21:56] C:\ProgramData\..
    [25/02/2008|12:16] C:\ProgramData\Adobe
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [07/03/2008|15:21] C:\ProgramData\ATI
    [20/03/2008|08:09] C:\ProgramData\avg7
    [02/02/2008|18:39] C:\ProgramData\Brother
    [04/02/2008|21:23] C:\ProgramData\Bureau
    [10/03/2008|16:19] C:\ProgramData\city about store file
    [02/02/2008|18:39] C:\ProgramData\CyberLink
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [16/02/2008|16:35] C:\ProgramData\Downloaded Installations
    [07/03/2008|15:59] C:\ProgramData\Earthsim
    [04/02/2008|21:23] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [19/03/2008|21:30] C:\ProgramData\GamesBar
    [02/02/2008|18:39] C:\ProgramData\Google
    [27/03/2008|02:23] C:\ProgramData\Google Updater
    [19/03/2008|21:56] C:\ProgramData\Grisoft
    [29/02/2008|19:15] C:\ProgramData\HTM EACH EACH.9ejzh
    [29/02/2008|19:15] C:\ProgramData\HTM EACH EACH.i66oan
    [25/03/2008|19:10] C:\ProgramData\Logishrd
    [10/03/2008|17:12] C:\ProgramData\Logitech
    [11/03/2008|13:42] C:\ProgramData\McAfee
    [04/02/2008|21:23] C:\ProgramData\Menu D‚marrer
    [29/02/2008|19:17] C:\ProgramData\Mess plus mapi
    [02/02/2008|18:40] C:\ProgramData\Microsoft
    [04/02/2008|21:23] C:\ProgramData\ModŠles
    [02/02/2008|18:40] C:\ProgramData\Mozilla
    [02/02/2008|18:40] C:\ProgramData\PC Tools
    [02/02/2008|18:40] C:\ProgramData\Prism Deploy
    [29/02/2008|19:16] C:\ProgramData\roam anti mp3.0onbr4j
    [02/02/2008|18:40] C:\ProgramData\ScanSoft
    [10/03/2008|18:19] C:\ProgramData\SiteAdvisor
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [03/01/2008|10:13] C:\ProgramData\Symantec
    [02/02/2008|17:14] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [29/02/2008|18:57] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27/03/2008|17:24] C:\Program Files\.
    [27/03/2008|17:24] C:\Program Files\..
    [10/03/2008|10:58] C:\Program Files\108Mbps Wireless Network USB Dongle
    [02/02/2008|18:33] C:\Program Files\AbiSuite2
    [25/02/2008|12:16] C:\Program Files\Adobe
    [06/03/2008|08:48] C:\Program Files\AGEIA Technologies
    [10/03/2008|22:57] C:\Program Files\Alwil Software
    [19/03/2008|21:21] C:\Program Files\Arcade Lines
    [02/02/2008|18:33] C:\Program Files\Atari
    [12/03/2008|08:35] C:\Program Files\ATI
    [07/03/2008|15:14] C:\Program Files\ATI Technologies
    [12/03/2008|14:52] C:\Program Files\Audacity
    [12/03/2008|15:02] C:\Program Files\Audacity23
    [19/03/2008|21:33] C:\Program Files\Babylon
    [02/02/2008|18:33] C:\Program Files\BigFix
    [19/03/2008|21:31] C:\Program Files\Common Files
    [02/02/2008|18:34] C:\Program Files\CyberLink
    [19/03/2008|21:32] C:\Program Files\Deimos Group
    [06/02/2008|03:40] C:\Program Files\desktop.ini
    [02/02/2008|18:34] C:\Program Files\Digital Media Reader
    [02/02/2008|18:34] C:\Program Files\DivX
    [06/01/2008|14:05] C:\Program Files\EA GAMES
    [02/02/2008|18:34] C:\Program Files\eMule
    [02/02/2008|18:35] C:\Program Files\eoRezo
    [19/03/2008|21:28] C:\Program Files\FairUse Wizard 2
    [04/02/2008|21:23] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [02/02/2008|18:35] C:\Program Files\Firaxis Games
    [02/02/2008|18:36] C:\Program Files\GameShadow
    [05/02/2008|19:58] C:\Program Files\Geneatique2007
    [02/02/2008|18:36] C:\Program Files\Google
    [19/03/2008|21:56] C:\Program Files\Grisoft
    [02/02/2008|18:36] C:\Program Files\Horloge
    [19/03/2008|21:39] C:\Program Files\InstallShield Installation Information
    [02/02/2008|18:36] C:\Program Files\InterActual
    [15/02/2008|03:13] C:\Program Files\Internet Explorer
    [02/02/2008|18:36] C:\Program Files\Inventel
    [02/02/2008|18:36] C:\Program Files\ItsLabel
    [02/02/2008|18:36] C:\Program Files\Java
    [19/03/2008|21:43] C:\Program Files\Lecteur CANALPLAY
    [25/03/2008|19:10] C:\Program Files\Logitech
    [26/02/2008|13:12] C:\Program Files\Messenger
    [19/03/2008|21:30] C:\Program Files\Micro Application
    [03/03/2008|12:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/02/2008|18:37] C:\Program Files\Microsoft Games
    [18/03/2008|18:00] C:\Program Files\Microsoft Office
    [02/11/2006|13:42] C:\Program Files\Movie Maker
    [19/03/2008|21:20] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [02/11/2006|13:37] C:\Program Files\MSN
    [19/03/2008|21:29] C:\Program Files\MSN Messenger
    [06/04/2007|08:54] C:\Program Files\MSXML 4.0
    [11/02/2008|17:20] C:\Program Files\Neuf
    [02/02/2008|18:37] C:\Program Files\Nexus 2000 Demo
    [02/02/2008|18:37] C:\Program Files\Norton Security Scan
    [06/03/2008|08:54] C:\Program Files\OpenAL
    [02/02/2008|18:37] C:\Program Files\orange
    [02/02/2008|18:37] C:\Program Files\OrangeHSS
    [04/03/2008|02:48] C:\Program Files\Picasa2
    [05/02/2008|19:58] C:\Program Files\Protectis
    [05/02/2008|19:58] C:\Program Files\ProtectisModeles
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesAndrosace.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique (2000;MX;2004 sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique (2000;MX;2004).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique 2006 (sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique 2006.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique 2007 (sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesG‚n‚atique 2007.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 7.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 8.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 9.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesOutlook Express.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesPhotos de Famille 2.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesPhotos de Famille.bks
    [02/02/2008|18:37] C:\Program Files\Realtek
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [02/02/2008|18:37] C:\Program Files\Rekenwonder Software
    [19/03/2008|21:16] C:\Program Files\RM-X© Easy Compress
    [02/02/2008|18:37] C:\Program Files\Samsung
    [02/02/2008|18:37] C:\Program Files\ScanSoft
    [02/02/2008|18:38] C:\Program Files\SIFXINST
    [27/03/2008|17:59] C:\Program Files\Steam
    [05/02/2008|19:59] C:\Program Files\Tracker Software
    [27/03/2008|17:24] C:\Program Files\Trend Micro
    [02/02/2008|18:38] C:\Program Files\Ubisoft
    [10/03/2008|10:58] C:\Program Files\Uninstall
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [02/02/2008|18:39] C:\Program Files\Valve
    [06/01/2008|14:01] C:\Program Files\VideoLAN
    [16/02/2008|16:36] C:\Program Files\VirginMega
    [02/02/2008|18:39] C:\Program Files\Winamp
    [06/02/2008|03:35] C:\Program Files\Windows Calendar
    [02/11/2006|13:42] C:\Program Files\Windows Collaboration
    [06/02/2008|03:35] C:\Program Files\Windows Defender
    [02/11/2006|13:42] C:\Program Files\Windows Journal
    [29/02/2008|19:01] C:\Program Files\Windows Live
    [12/03/2008|03:09] C:\Program Files\Windows Mail
    [06/02/2008|03:35] C:\Program Files\Windows Media Player
    [04/02/2008|21:23] C:\Program Files\Windows NT
    [02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
    [06/02/2008|03:35] C:\Program Files\Windows Sidebar
    [24/01/2008|21:22] C:\Program Files\WinRAR
    [19/03/2008|21:19] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [19/03/2008|21:31] C:\Program Files\Common Files\.
    [19/03/2008|21:31] C:\Program Files\Common Files\..
    [25/02/2008|12:16] C:\Program Files\Common Files\Adobe
    [03/04/2007|16:51] C:\Program Files\Common Files\FDEUnInstaller.exe
    [02/02/2008|18:33] C:\Program Files\Common Files\GTK
    [02/02/2008|18:33] C:\Program Files\Common Files\InstallShield
    [02/02/2008|18:33] C:\Program Files\Common Files\Java
    [25/03/2008|19:11] C:\Program Files\Common Files\LogiShrd
    [10/03/2008|17:12] C:\Program Files\Common Files\Logitech
    [07/03/2008|15:11] C:\Program Files\Common Files\microsoft shared
    [02/02/2008|18:34] C:\Program Files\Common Files\New Boundary
    [06/01/2008|15:26] C:\Program Files\Common Files\NSV
    [02/02/2008|18:34] C:\Program Files\Common Files\PX Storage Engine
    [02/02/2008|18:34] C:\Program Files\Common Files\ScanSoft Shared
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [13/03/2008|21:24] C:\Program Files\Common Files\Steam
    [23/12/2007|18:12] C:\Program Files\Common Files\Symantec Shared
    [06/02/2008|03:35] C:\Program Files\Common Files\System
    [29/02/2008|18:59] C:\Program Files\Common Files\WindowsLiveInstaller
    [06/03/2008|08:47] C:\Program Files\Common Files\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\HTM EACH EACH.9ejzh
    C:\ProgramData\HTM EACH EACH.i66oan
    C:\ProgramData\roam anti mp3.0onbr4j
    C:\ProgramData\HTM EACH EACH.9ejzh
    C:\ProgramData\HTM EACH EACH.i66oan
    C:\ProgramData\roam anti mp3.0onbr4j
    C:\Users\JOETPAM\AppData\Local\Temp\bis882C.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\city about store file
    C:\ProgramData\city about store file\About Data.exe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-27 18:04:43
    Windows 6.0.6000 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\Windows\system32\nvs2.inf
    ! EGDACCESS !


    /!\ [Fich:1277][Doss:63] C:\Users\JOETPAM\AppData\Local\Temp
    /!\ [Fich:995][Doss:1] C:\Users\JOETPAM\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:5353][Doss:15] C:\Users\JOETPAM\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 18:06:17,81 ]----------------------

    27 March 2008 18:09:57

    Hi again,

    Counting the CiD ads, I can see three types of infection so far :D : lop.com, magic.control and vundo. Don't worry, we'll clean it all up.

    Run Lop S&D again

  • This time choose Option 2 (Suppression)
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    + a new HijackThis report.

    ;) 
    27 March 2008 18:11:35

    so, doctor, is it serious?? :cry: 
    27 March 2008 18:12:55

    Hi again,

    Before doing the procedure I asked you for, you must disable your UAC. It has to be disabled for every procedure I have you do!!!

    Disable UAC (Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ untick the box Use User Account Control ...
    and confirm with OK; you will be asked to restart, do so)


    ;) 
    27 March 2008 18:20:54

    ah sorry, I hadn't seen that, I'll do it right away

    here is the report:



    -----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : JOETPAM ] [ "C:\Lop SD" ]
    [ 27/03/2008 | 18:15:02,73 ] [ PC : PC-DE-JOETPAM ]
    [ MAJ : 26-03-2008 | 13:15 ]
    [ UAC => 0 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\ProgramData\city about store file\About Data.exe
    Supprimé! - C:\ProgramData\HTM EACH EACH.9ejzh
    Supprimé! - C:\ProgramData\HTM EACH EACH.i66oan
    Supprimé! - C:\ProgramData\roam anti mp3.0onbr4j
    Supprimé! - C:\Users\JOETPAM\AppData\Local\Temp\bis882C.exe
    Supprimé! - C:\ProgramData\city about store file
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Linguistics
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Flash Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Adobe\Acrobat
    [06/04/2007|16:27] C:\Users\JOETPAM\AppData\Roaming\Adobe\ESD

    [06/04/2007|16:22] C:\Users\JOETPAM\AppData\Roaming\AdobeUM\..
    [06/04/2007|16:22] C:\Users\JOETPAM\AppData\Roaming\AdobeUM\.

    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\..
    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\ACE
    [07/03/2008|15:21] C:\Users\JOETPAM\AppData\Roaming\ATI\.

    [27/03/2008|18:12] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000107.log
    [27/03/2008|18:02] C:\Users\JOETPAM\AppData\Roaming\AVG7\..
    [27/03/2008|18:02] C:\Users\JOETPAM\AppData\Roaming\AVG7\.
    [27/03/2008|18:02] C:\Users\JOETPAM\AppData\Roaming\AVG7\log.idx
    [27/03/2008|18:01] C:\Users\JOETPAM\AppData\Roaming\AVG7\sched-0002.cfg
    [27/03/2008|18:01] C:\Users\JOETPAM\AppData\Roaming\AVG7\sched-0001.cfg
    [26/03/2008|08:55] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000106.log
    [25/03/2008|09:03] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000105.log
    [24/03/2008|10:44] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000104.log
    [24/03/2008|00:04] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000103.log
    [21/03/2008|21:17] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000102.log
    [20/03/2008|08:10] C:\Users\JOETPAM\AppData\Roaming\AVG7\l_000101.log
    [19/03/2008|22:12] C:\Users\JOETPAM\AppData\Roaming\AVG7\user-0000.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0013.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0012.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0011.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0009.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0008.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0007.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0006.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0005.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0004.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0003.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0002.cfg
    [19/03/2008|21:59] C:\Users\JOETPAM\AppData\Roaming\AVG7\test-0001.cfg

    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\..
    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\Clive Barker's Jericho Demo
    [06/03/2008|08:51] C:\Users\JOETPAM\AppData\Roaming\Codemasters\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\PowerDVD
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\CyberLink\MediaCache
    [16/01/2008|20:42] C:\Users\JOETPAM\AppData\Roaming\CyberLink\PowerCinema

    [20/03/2008|18:00] C:\Users\JOETPAM\AppData\Roaming\DivX\DivX Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\DivX\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\DivX\.
    [17/05/2007|19:20] C:\Users\JOETPAM\AppData\Roaming\DivX\DivX Codec

    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\Channel
    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\..
    [19/03/2008|21:19] C:\Users\JOETPAM\AppData\Roaming\Earthsim\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\EoWeather
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\eoStats
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\eoDesktop
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\db
    [06/01/2008|13:46] C:\Users\JOETPAM\AppData\Roaming\EoRezo\user.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\EoWeather.cfg
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\ConfMedia.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\cmhost.cyp
    [06/01/2008|13:45] C:\Users\JOETPAM\AppData\Roaming\EoRezo\host.cyp
    [15/06/2007|08:03] C:\Users\JOETPAM\AppData\Roaming\EoRezo\towns.cfg

    [25/03/2008|05:15] C:\Users\JOETPAM\AppData\Roaming\Google\Local Search History
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\GoogleEarth
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Google\.

    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\Généatique2007\..
    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\Généatique2007\DescriptifStandard.zip
    [05/02/2008|20:00] C:\Users\JOETPAM\AppData\Roaming\Généatique2007\.

    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\..
    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\{72DB74A9-4484-49E6-B42E-D0ED59B6B8DE}
    [13/02/2008|19:01] C:\Users\JOETPAM\AppData\Roaming\Identities\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Identities\{38A8BE47-BDA4-4F88-9C48-34947E7A222A}

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\InstallShield\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\InstallShield\.
    [07/01/2008|10:03] C:\Users\JOETPAM\AppData\Roaming\InstallShield\ISEngine12.0

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV3DCube
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV2D
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ItsLabel\ItsTV

    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\SetPoint
    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\..
    [10/03/2008|17:16] C:\Users\JOETPAM\AppData\Roaming\Logitech\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\Flash Player
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Macromedia\.

    [02/11/2006|13:37] C:\Users\JOETPAM\AppData\Roaming\Media Center Programs\..
    [02/11/2006|13:37] C:\Users\JOETPAM\AppData\Roaming\Media Center Programs\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\.
    [17/01/2008|17:22] C:\Users\JOETPAM\AppData\Roaming\Media Player Classic\default.mpcpl

    [19/03/2008|21:55] C:\Users\JOETPAM\AppData\Roaming\Microsoft\..
    [19/03/2008|21:55] C:\Users\JOETPAM\AppData\Roaming\Microsoft\.
    [10/03/2008|17:14] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Installer
    [10/03/2008|13:36] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows Photo Gallery
    [07/03/2008|15:24] C:\Users\JOETPAM\AppData\Roaming\Microsoft\MMC
    [29/02/2008|19:14] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows Live Call
    [24/02/2008|18:06] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Windows
    [09/02/2008|14:50] C:\Users\JOETPAM\AppData\Roaming\Microsoft\MSN Messenger
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Internet Explorer
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Crypto
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\SystemCertificates
    [02/02/2008|18:54] C:\Users\JOETPAM\AppData\Roaming\Microsoft\network
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Speech
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Protect
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\IdentityCRL
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\HTML Help
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Microsoft\eHome
    [02/01/2008|16:38] C:\Users\JOETPAM\AppData\Roaming\Microsoft\LastFlashConfig.WFC
    [03/04/2007|16:41] C:\Users\JOETPAM\AppData\Roaming\Microsoft\Credentials

    [13/03/2008|15:39] C:\Users\JOETPAM\AppData\Roaming\Mozilla\pluginreg.dat
    [07/03/2008|15:57] C:\Users\JOETPAM\AppData\Roaming\Mozilla\..
    [07/03/2008|15:57] C:\Users\JOETPAM\AppData\Roaming\Mozilla\.
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Mozilla\Firefox

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\Sid Meier's Civilization 4
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\My Games\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\Spyware Doctor
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\PC Tools\.

    [04/04/2007|17:01] C:\Users\JOETPAM\AppData\Roaming\SampleView\..
    [04/04/2007|17:01] C:\Users\JOETPAM\AppData\Roaming\SampleView\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\PaperPort
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\ScanSoft\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\.
    [13/05/2007|14:50] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\titecrotte666@hotmail.fr
    [13/05/2007|14:47] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\pamelade@hotmail.fr
    [13/05/2007|14:45] C:\Users\JOETPAM\AppData\Roaming\Screenshot Sender\joetpam@hotmail.fr

    [13/03/2008|15:47] C:\Users\JOETPAM\AppData\Roaming\SecondLife\logs
    [13/03/2008|15:47] C:\Users\JOETPAM\AppData\Roaming\SecondLife\degueldre_pamela
    [13/03/2008|15:41] C:\Users\JOETPAM\AppData\Roaming\SecondLife\browser_profile
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\user_settings
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\.
    [13/03/2008|15:40] C:\Users\JOETPAM\AppData\Roaming\SecondLife\..
    [13/03/2008|15:38] C:\Users\JOETPAM\AppData\Roaming\SecondLife\cache
    [13/03/2008|15:29] C:\Users\JOETPAM\AppData\Roaming\SecondLife\avro_joetpam
    [13/03/2008|15:19] C:\Users\JOETPAM\AppData\Roaming\SecondLife\avro_melapa
    [10/03/2008|13:53] C:\Users\JOETPAM\AppData\Roaming\SecondLife\renard_alibiba
    [10/03/2008|13:51] C:\Users\JOETPAM\AppData\Roaming\SecondLife\alibiba_renard
    [07/03/2008|16:07] C:\Users\JOETPAM\AppData\Roaming\SecondLife\severin_johan

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\MozillaOrg
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Talkback\.

    [04/01/2008|20:07] C:\Users\JOETPAM\AppData\Roaming\Todae\..
    [04/01/2008|20:07] C:\Users\JOETPAM\AppData\Roaming\Todae\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\cache
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\vlc\.
    [06/01/2008|12:28] C:\Users\JOETPAM\AppData\Roaming\vlc\vlcrc

    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\winamp.ini
    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\winamp.m3u
    [25/03/2008|19:51] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.m3u8
    [24/03/2008|22:49] C:\Users\JOETPAM\AppData\Roaming\Winamp\studio.xnf
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\Plugins
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Winamp\.
    [21/01/2008|15:03] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.pic
    [21/01/2008|14:04] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.bm
    [06/01/2008|14:54] C:\Users\JOETPAM\AppData\Roaming\Winamp\Winamp.q1
    [14/09/2005|20:17] C:\Users\JOETPAM\AppData\Roaming\Winamp\demo.mp3

    [24/01/2008|18:25] C:\Users\JOETPAM\AppData\Roaming\WinRAR\..
    [24/01/2008|18:25] C:\Users\JOETPAM\AppData\Roaming\WinRAR\.

    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\..
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\Companion
    [02/02/2008|18:45] C:\Users\JOETPAM\AppData\Roaming\Yahoo!\.

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [27/03/2008 02:53][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1A66994B-7405-4A42-B23C-1A8E6ED77982}.job
    [03/01/2008 10:14][--a------] C:\Windows\tasks\Norton Security Scan.job
    [27/03/2008 18:14][--ah-----] C:\Windows\tasks\SA.DAT
    [27/03/2008 18:13][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [27/03/2008|18:15] C:\ProgramData\.
    [27/03/2008|18:15] C:\ProgramData\..
    [25/02/2008|12:16] C:\ProgramData\Adobe
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [07/03/2008|15:21] C:\ProgramData\ATI
    [20/03/2008|08:09] C:\ProgramData\avg7
    [02/02/2008|18:39] C:\ProgramData\Brother
    [04/02/2008|21:23] C:\ProgramData\Bureau
    [02/02/2008|18:39] C:\ProgramData\CyberLink
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [16/02/2008|16:35] C:\ProgramData\Downloaded Installations
    [07/03/2008|15:59] C:\ProgramData\Earthsim
    [04/02/2008|21:23] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [19/03/2008|21:30] C:\ProgramData\GamesBar
    [02/02/2008|18:39] C:\ProgramData\Google
    [27/03/2008|02:23] C:\ProgramData\Google Updater
    [19/03/2008|21:56] C:\ProgramData\Grisoft
    [25/03/2008|19:10] C:\ProgramData\Logishrd
    [10/03/2008|17:12] C:\ProgramData\Logitech
    [11/03/2008|13:42] C:\ProgramData\McAfee
    [04/02/2008|21:23] C:\ProgramData\Menu Démarrer
    [29/02/2008|19:17] C:\ProgramData\Mess plus mapi
    [02/02/2008|18:40] C:\ProgramData\Microsoft
    [04/02/2008|21:23] C:\ProgramData\Modèles
    [02/02/2008|18:40] C:\ProgramData\Mozilla
    [02/02/2008|18:40] C:\ProgramData\PC Tools
    [02/02/2008|18:40] C:\ProgramData\Prism Deploy
    [02/02/2008|18:40] C:\ProgramData\ScanSoft
    [10/03/2008|18:19] C:\ProgramData\SiteAdvisor
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [03/01/2008|10:13] C:\ProgramData\Symantec
    [02/02/2008|17:14] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [29/02/2008|18:57] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27/03/2008|17:24] C:\Program Files\.
    [27/03/2008|17:24] C:\Program Files\..
    [10/03/2008|10:58] C:\Program Files\108Mbps Wireless Network USB Dongle
    [02/02/2008|18:33] C:\Program Files\AbiSuite2
    [25/02/2008|12:16] C:\Program Files\Adobe
    [06/03/2008|08:48] C:\Program Files\AGEIA Technologies
    [10/03/2008|22:57] C:\Program Files\Alwil Software
    [19/03/2008|21:21] C:\Program Files\Arcade Lines
    [02/02/2008|18:33] C:\Program Files\Atari
    [12/03/2008|08:35] C:\Program Files\ATI
    [07/03/2008|15:14] C:\Program Files\ATI Technologies
    [12/03/2008|14:52] C:\Program Files\Audacity
    [12/03/2008|15:02] C:\Program Files\Audacity23
    [19/03/2008|21:33] C:\Program Files\Babylon
    [02/02/2008|18:33] C:\Program Files\BigFix
    [19/03/2008|21:31] C:\Program Files\Common Files
    [02/02/2008|18:34] C:\Program Files\CyberLink
    [19/03/2008|21:32] C:\Program Files\Deimos Group
    [06/02/2008|03:40] C:\Program Files\desktop.ini
    [02/02/2008|18:34] C:\Program Files\Digital Media Reader
    [02/02/2008|18:34] C:\Program Files\DivX
    [06/01/2008|14:05] C:\Program Files\EA GAMES
    [02/02/2008|18:34] C:\Program Files\eMule
    [02/02/2008|18:35] C:\Program Files\eoRezo
    [19/03/2008|21:28] C:\Program Files\FairUse Wizard 2
    [04/02/2008|21:23] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [02/02/2008|18:35] C:\Program Files\Firaxis Games
    [02/02/2008|18:36] C:\Program Files\GameShadow
    [05/02/2008|19:58] C:\Program Files\Geneatique2007
    [02/02/2008|18:36] C:\Program Files\Google
    [19/03/2008|21:56] C:\Program Files\Grisoft
    [02/02/2008|18:36] C:\Program Files\Horloge
    [19/03/2008|21:39] C:\Program Files\InstallShield Installation Information
    [02/02/2008|18:36] C:\Program Files\InterActual
    [15/02/2008|03:13] C:\Program Files\Internet Explorer
    [02/02/2008|18:36] C:\Program Files\Inventel
    [02/02/2008|18:36] C:\Program Files\ItsLabel
    [02/02/2008|18:36] C:\Program Files\Java
    [19/03/2008|21:43] C:\Program Files\Lecteur CANALPLAY
    [25/03/2008|19:10] C:\Program Files\Logitech
    [26/02/2008|13:12] C:\Program Files\Messenger
    [19/03/2008|21:30] C:\Program Files\Micro Application
    [03/03/2008|12:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/02/2008|18:37] C:\Program Files\Microsoft Games
    [18/03/2008|18:00] C:\Program Files\Microsoft Office
    [02/11/2006|13:42] C:\Program Files\Movie Maker
    [19/03/2008|21:20] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [02/11/2006|13:37] C:\Program Files\MSN
    [19/03/2008|21:29] C:\Program Files\MSN Messenger
    [06/04/2007|08:54] C:\Program Files\MSXML 4.0
    [11/02/2008|17:20] C:\Program Files\Neuf
    [02/02/2008|18:37] C:\Program Files\Nexus 2000 Demo
    [02/02/2008|18:37] C:\Program Files\Norton Security Scan
    [06/03/2008|08:54] C:\Program Files\OpenAL
    [02/02/2008|18:37] C:\Program Files\orange
    [02/02/2008|18:37] C:\Program Files\OrangeHSS
    [04/03/2008|02:48] C:\Program Files\Picasa2
    [05/02/2008|19:58] C:\Program Files\Protectis
    [05/02/2008|19:58] C:\Program Files\ProtectisModeles
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesAndrosace.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique (2000;MX;2004 sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique (2000;MX;2004).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique 2006 (sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique 2006.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique 2007 (sans images).bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesGénéatique 2007.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 7.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 8.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesHeredis 9.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesOutlook Express.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesPhotos de Famille 2.bks
    [05/02/2008|19:58] C:\Program Files\ProtectisModelesPhotos de Famille.bks
    [02/02/2008|18:37] C:\Program Files\Realtek
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [02/02/2008|18:37] C:\Program Files\Rekenwonder Software
    [19/03/2008|21:16] C:\Program Files\RM-X© Easy Compress
    [02/02/2008|18:37] C:\Program Files\Samsung
    [02/02/2008|18:37] C:\Program Files\ScanSoft
    [02/02/2008|18:38] C:\Program Files\SIFXINST
    [27/03/2008|18:15] C:\Program Files\Steam
    [05/02/2008|19:59] C:\Program Files\Tracker Software
    [27/03/2008|17:24] C:\Program Files\Trend Micro
    [02/02/2008|18:38] C:\Program Files\Ubisoft
    [10/03/2008|10:58] C:\Program Files\Uninstall
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [02/02/2008|18:39] C:\Program Files\Valve
    [06/01/2008|14:01] C:\Program Files\VideoLAN
    [16/02/2008|16:36] C:\Program Files\VirginMega
    [02/02/2008|18:39] C:\Program Files\Winamp
    [06/02/2008|03:35] C:\Program Files\Windows Calendar
    [02/11/2006|13:42] C:\Program Files\Windows Collaboration
    [06/02/2008|03:35] C:\Program Files\Windows Defender
    [02/11/2006|13:42] C:\Program Files\Windows Journal
    [29/02/2008|19:01] C:\Program Files\Windows Live
    [12/03/2008|03:09] C:\Program Files\Windows Mail
    [06/02/2008|03:35] C:\Program Files\Windows Media Player
    [04/02/2008|21:23] C:\Program Files\Windows NT
    [02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
    [06/02/2008|03:35] C:\Program Files\Windows Sidebar
    [24/01/2008|21:22] C:\Program Files\WinRAR
    [19/03/2008|21:19] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [19/03/2008|21:31] C:\Program Files\Common Files\.
    [19/03/2008|21:31] C:\Program Files\Common Files\..
    [25/02/2008|12:16] C:\Program Files\Common Files\Adobe
    [03/04/2007|16:51] C:\Program Files\Common Files\FDEUnInstaller.exe
    [02/02/2008|18:33] C:\Program Files\Common Files\GTK
    [02/02/2008|18:33] C:\Program Files\Common Files\InstallShield
    [02/02/2008|18:33] C:\Program Files\Common Files\Java
    [25/03/2008|19:11] C:\Program Files\Common Files\LogiShrd
    [10/03/2008|17:12] C:\Program Files\Common Files\Logitech
    [07/03/2008|15:11] C:\Program Files\Common Files\microsoft shared
    [02/02/2008|18:34] C:\Program Files\Common Files\New Boundary
    [06/01/2008|15:26] C:\Program Files\Common Files\NSV
    [02/02/2008|18:34] C:\Program Files\Common Files\PX Storage Engine
    [02/02/2008|18:34] C:\Program Files\Common Files\ScanSoft Shared
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [13/03/2008|21:24] C:\Program Files\Common Files\Steam
    [23/12/2007|18:12] C:\Program Files\Common Files\Symantec Shared
    [06/02/2008|03:35] C:\Program Files\Common Files\System
    [29/02/2008|18:59] C:\Program Files\Common Files\WindowsLiveInstaller
    [06/03/2008|08:47] C:\Program Files\Common Files\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-27 18:18:04
    Windows 6.0.6000 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\Windows\system32\nvs2.inf
    ! EGDACCESS !


    /!\ [Fich:1276][Doss:63] C:\Users\JOETPAM\AppData\Local\Temp
    /!\ [Fich:995][Doss:1] C:\Users\JOETPAM\AppData\Roaming\MICROS~1\Windows\Cookies
    /!\ [Fich:5391][Doss:15] C:\Users\JOETPAM\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 18:19:01,62 ]----------------------
    27 March 2008 18:41:51

    HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:40:53, on 27/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.miely.free.fr/google_chti/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [nounfive] "C:\ProgramData\HTM EACH EACH.i66oan"
    O4 - HKCU\..\Run: [Store file readme bash] "C:\ProgramData\roam anti mp3.0onbr4j"
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\JOETPAM\AppData\Local\Temp\mljjg.dll,c
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BM57970e7b] Rundll32.exe "C:\Users\JOETPAM\AppData\Local\Temp\gjwtwdmd.dll",s
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: 108Mbps Wireless Network USB Dongle Configuration Utility.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Reg.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O13 - Gopher Prefix:
    O16 - DPF: CANALPLAY Installer - http://www.canalplay.com/cabs/CanalInstaller.CAB
    O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joetpam.spaces.live.com/PhotoUpload/VistaMsnPUpl...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    --
    End of file - 10127 bytes
    27 March 2008 18:44:02

    I have disabled the control of, I don't know what any more, the UAC....

    Sorry, I'm a dunce with computers!
    27 March 2008 18:47:13

    Re,

    1) If you are on Vista, do this first / otherwise go straight to the next step ;)  :

    Disable UAC ( Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ untick the box Use the control ...
    and confirm with OK, you will be asked to restart, do it )


    2) Download Navilog1 by IL-MAFIOSO: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Depending on the antivirus you use, navilog1 may be detected as a virus!!!
    In that case, disable it during the download and the scan!!!!


    Save Target (Link) As... and save it to your desktop.
    Then double-click navilog1.exe to start the installation.
    Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the desktop).

    Let yourself be guided. At the main menu, choose 1 and confirm.
    (do not choose 2, 3 or 4 without our advice/agreement)

    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as asked, Notepad will open.
    Copy and paste the whole thing into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt)

    ;) 
    27 March 2008 19:03:55

    It's done, I'm waiting for it to finish
    27 March 2008 19:32:51

    Re,

    OK, I'm waiting for the report :) 
    27 March 2008 19:33:43

    Search Navipromo version 3.5.1 commencé le 27/03/2008 à 18:55:19,40

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "JOETPAM"

    Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows Vista 6.0.6000
    Internet Explorer : 7.0.6000.16609
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***




    *** Recherche dossiers dans C:\Windows ***



    *** Recherche dossiers dans C:\Program Files ***


    *** Recherche dossiers dans C:\ProgramData ***


    *** Recherche dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs ***

    ...\InternetGameBox trouvé !

    *** Recherche dossiers dans c:\users\joetpam\appdata\roaming\microsoft\windows\start menu\programs ***


    *** Recherche dossiers dans C:\Users\JOETPAM\AppData\Local\virtualstore\Program Files ***

    ...\InternetGameBox trouvé !


    *** Recherche dossiers dans C:\Users\JOETPAM\AppData\Roaming ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\Windows\system32 *

    * Recherche dans C:\Users\JOETPAM\AppData\Local\Microsoft *

    * Recherche dans C:\Users\JOETPAM\AppData\Local\virtualstore\windows\system32 *

    * Recherche dans C:\Users\JOETPAM\AppData\Local *



    *** Recherche fichiers ***


    C:\Windows\system32\nvs2.inf trouvé !


    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans C:\Windows\system32 :


    * Dans C:\Users\JOETPAM\AppData\Local\Microsoft :


    * Dans C:\Users\JOETPAM\AppData\Local\virtualstore\windows\system32 :


    * Dans C:\Users\JOETPAM\AppData\Local :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 27/03/2008 à 19:04:05,46 ***
    27 March 2008 19:37:52

    Re,

    1) Double-click the Navilog1 shortcut on the desktop and let yourself be guided.
    At the main menu, choose 2 and confirm.

    The fix will inform you that it is going to restart your PC
    Close all open windows and save your open personal documents
    Press a key as asked.
    (if your PC does not restart automatically, do it yourself)
    When your PC restarts, choose your usual session.

    Wait for the message:
    *** Nettoyage Termine le ..... ***
    Notepad will open.
    Save the report somewhere you can find it again
    Close Notepad. Your desktop will reappear

    PS: If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click "File" at the top left and choose "Run"
    Type explorer and confirm. This will bring your desktop back


    2) Go to Start/Control Panel/Internet Options
    - "Content" tab then "Certificates" tab, and if you find these, in particular under "Trusted Publishers", but look elsewhere too:
    electronic-group
    egroup
    Montorgueil
    VIP
    "Sunny Day Design Ltd"
    ooo <<Favorit>>
    Favorit


    You delete them.

    3) Restart normally and post the cleannavi.txt report

    ;) 
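
The certificate check from step 2 of the reply above, as an added example that is not part of the original thread: a read-only PowerShell audit that searches every certificate store of the current user and the local machine for the publisher names listed in the post, and reports matches without deleting anything. It assumes PowerShell 3.0 or later; the variable names are illustrative.

```powershell
# Added example: read-only audit of the Windows certificate stores for the
# publisher names listed in the post. Matches are reported, never deleted.

# Names taken from the post. Short names such as "VIP" can also appear in
# legitimate certificates, so every hit needs manual review before removal.
$names = @(
    'electronic-group', 'egroup', 'Montorgueil', 'VIP',
    'Sunny Day Design Ltd', 'Favorit'
)

# One case-insensitive pattern; \b stops "VIP" matching inside longer words.
$pattern = ($names | ForEach-Object { '\b' + [regex]::Escape($_) + '\b' }) -join '|'

$hits = foreach ($root in 'Cert:\CurrentUser', 'Cert:\LocalMachine') {
    # Stores that cannot be read without elevation are skipped silently.
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        ForEach-Object {
            [pscustomobject]@{
                # e.g. CurrentUser\TrustedPublisher
                Store      = ($_.PSParentPath -replace '^.*::', '')
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
            }
        }
}

if ($hits) {
    $hits | Sort-Object Store, Subject | Format-List
} else {
    'No certificate matching the listed publisher names was found.'
}
```

Hits under `TrustedPublisher` correspond to the "Trusted Publishers" tab named in the post; the `Store` column shows where any other match lives.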