Help me, big virus!

9 March 2008 16:35:58

Hello everyone, for some time now the hard disk of my PC has been emptying little by little, and avast detected a Trojan horse: Win32:Adloader-KH [Trj]. I don't know what to do; avast did not remove it, and neither did Secuser.com or anything else. Please help, thanks, see you later.

9 March 2008 17:14:17

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:13:41, on 09/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - C:\Program Files\Fichiers communs\holeC:\DOCUME~1\ROMAIN~1\LOCALS~1\Temp\mst455101.exe.dll (file missing)
O2 - BHO: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [6E717573737A7877] E3E6EAE8E8EFED.exe
O4 - HKLM\..\Run: [NlMediaCenter] C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MapiKind] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
O17 - HKLM\Software\..\Telephony: DomainName = romain
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 15984 bytes
9 March 2008 17:19:01

What do I do now? Thanks
9 March 2008 17:19:39

Hi again,

1) Download BTFix (Bibi26).
Unzip the archive to your Desktop.
  • Open the BTFix folder.
  • Double-click BTFix.exe.
  • Click Rechercher (Search).
  • A report will appear; copy and paste it into your next reply.

2) Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

;)
9 March 2008 17:22:32

That looks complicated to me, but I think I'll manage. Thanks, I'll keep you posted.
9 March 2008 17:25:35

    BTFix 1.085 (par bibi26) - 09/03/2008 17:25:01 - Analyse
    Lancé depuis C:\Documents and Settings\Romain RODRIGUEZ\Bureau\BTFix\BTFix\BTFix.exe

    ---> Fichiers/Dossiers trouvés

    - C:\Program Files\Temporary\
    - C:\Program Files\MyWaySA\

    ---> Analyse terminée
9 March 2008 17:30:14


    -----------------------------[ Lop S&D 4.0.4 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Romain RODRIGUEZ ] [ "C:\Lop SD" ]
    [ 09/03/2008 | 17:27:01,01 ] [ PC : R ]
    [ MAJ : 05-03-2008 | 13:30 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [17/02/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [17/02/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [03/03/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Tool Owns Dvd
    [19/01/2008|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [14/02/2007|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [28/05/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [16/07/2006|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [03/02/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [05/05/2007|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [07/12/2007|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
    [20/08/2004|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [06/01/2007|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
    [17/02/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat
    [23/08/2006|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/06/2006|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installer.log
    [04/05/2006|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [10/06/2006|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [04/05/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [04/05/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [23/06/2006|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
    [24/06/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [25/06/2006|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/02/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [21/08/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [10/04/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbError.bmp
    [06/04/2007|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
    [04/05/2006|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [08/08/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [20/08/2004|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [09/01/2008|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [17/02/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [04/05/2006|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [29/10/2006|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [25/11/2006|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/05/2006|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [02/08/2006|09:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [13/10/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [15/10/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [19/01/2008|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [04/05/2006|21:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
    [20/08/2004|10:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [20/08/2004|10:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [20/08/2004|10:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [04/05/2006|21:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [29/10/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [29/10/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [11/05/2006|17:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
    [15/12/2006|21:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [29/10/2006|11:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\.
    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\..
    [10/01/2008|17:36] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Adobe
    [02/01/2007|17:57] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Ahead
    [18/03/2007|09:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ArcSoft
    [09/02/2008|20:42] C:\DOCUME~1\ROMAIN~1\APPLIC~1\BitTorrent
    [09/03/2008|17:27] C:\DOCUME~1\ROMAIN~1\APPLIC~1\BitTorrent DNA
    [17/03/2007|16:23] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Canon
    [27/02/2008|18:44] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Corel
    [11/05/2006|17:52] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Corel Photo Album
    [07/12/2007|16:30] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DassaultSystemes
    [20/08/2004|10:30] C:\DOCUME~1\ROMAIN~1\APPLIC~1\desktop.ini
    [14/02/2007|14:21] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DivX
    [26/07/2006|19:10] C:\DOCUME~1\ROMAIN~1\APPLIC~1\dvd.bmk
    [18/11/2007|19:14] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DWGeditor
    [05/10/2006|18:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\eConf
    [04/11/2006|11:41] C:\DOCUME~1\ROMAIN~1\APPLIC~1\flightgear.org
    [26/06/2006|13:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FotoWire
    [03/03/2007|11:03] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Four ping warn
    [23/08/2006|10:56] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Google
    [17/02/2008|19:26] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Help
    [20/08/2004|10:41] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Identities
    [10/06/2006|17:28] C:\DOCUME~1\ROMAIN~1\APPLIC~1\InterVideo
    [24/06/2006|11:14] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Kazaa Lite
    [04/02/2007|11:55] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Lavasoft
    [11/05/2006|18:24] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Leadertech
    [31/01/2008|18:17] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Live-Prod
    [23/06/2006|16:52] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Macromedia
    [11/05/2006|18:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\McAfee.com Personal Firewall
    [15/10/2007|19:56] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Microsoft
    [11/05/2006|16:53] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Microsoft Web Folders
    [21/08/2007|10:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Mozilla
    [23/06/2006|16:53] C:\DOCUME~1\ROMAIN~1\APPLIC~1\MSNInstaller
    [02/12/2006|10:28] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ntr
    [04/11/2006|11:21] C:\DOCUME~1\ROMAIN~1\APPLIC~1\OpenCity
    [20/10/2007|08:29] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Real
    [27/12/2006|17:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ScanSoft
    [17/05/2007|17:11] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Screenshot Sender
    [17/02/2008|17:15] C:\DOCUME~1\ROMAIN~1\APPLIC~1\skypePM
    [22/12/2007|19:32] C:\DOCUME~1\ROMAIN~1\APPLIC~1\SolidWorks
    [11/05/2006|18:27] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Sonic
    [04/05/2006|21:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Sun
    [25/06/2006|14:04] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Symantec
    [21/08/2007|10:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Talkback
    [15/05/2006|17:23] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Template
    [20/10/2007|08:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\vlc
    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Windows Live Writer
    [19/07/2007|18:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Xi
    [04/05/2006|21:19] C:\DOCUME~1\ROMAIN~1\APPLIC~1\You've Got Pictures Screensaver

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [09/03/2008 17:10][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [09/03/2008 17:00][--ah-----] C:\WINDOWS\tasks\AB631C03918491DB.job
    [12/05/2006 19:30][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
    [09/03/2008 16:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [09/03/2008|17:12] C:\Program Files\.
    [09/03/2008|17:12] C:\Program Files\..
    [10/01/2008|17:32] C:\Program Files\3D Flash Animator 4 Release 5
    [03/05/2007|18:14] C:\Program Files\Activision
    [18/11/2007|10:48] C:\Program Files\Activision Value
    [19/01/2008|22:24] C:\Program Files\Adobe
    [06/03/2007|13:20] C:\Program Files\Adverts
    [06/03/2007|18:07] C:\Program Files\Ahead
    [20/06/2007|19:56] C:\Program Files\Alwil Software
    [04/02/2007|19:07] C:\Program Files\Antipub
    [29/11/2006|20:53] C:\Program Files\Anyplace Control
    [09/03/2008|12:43] C:\Program Files\ArcSoft
    [03/01/2007|13:49] C:\Program Files\Atari
    [15/06/2007|18:32] C:\Program Files\Auralog
    [24/05/2007|21:04] C:\Program Files\Auran
    [23/02/2008|10:23] C:\Program Files\BankPerfect
    [09/02/2008|19:33] C:\Program Files\BitTorrent
    [25/06/2007|16:45] C:\Program Files\BitTorrent Fastest Tool
    [09/02/2008|19:33] C:\Program Files\BitTorrent_DNA
    [17/07/2006|10:27] C:\Program Files\Boonty
    [09/03/2007|17:46] C:\Program Files\Canon
    [03/02/2007|13:36] C:\Program Files\CanonBJ
    [08/03/2008|14:51] C:\Program Files\CCleaner
    [08/05/2007|12:46] C:\Program Files\Corel
    [03/01/2007|13:36] C:\Program Files\DAEMON Tools
    [14/02/2007|13:22] C:\Program Files\Dell
    [09/09/2006|09:35] C:\Program Files\Digital Photo Navigator 1.0
    [22/09/2007|08:30] C:\Program Files\DivX
    [14/02/2007|13:22] C:\Program Files\Donjon de Naheulbeulk
    [29/01/2008|17:18] C:\Program Files\Dot1XCfg
    [20/04/2007|18:41] C:\Program Files\Dragon Systems
    [18/11/2007|19:18] C:\Program Files\DWGeditor
    [03/05/2007|18:08] C:\Program Files\Elaborate Bytes
    [14/02/2007|13:23] C:\Program Files\eMule
    [14/02/2007|13:22] C:\Program Files\epson
    [26/07/2007|12:34] C:\Program Files\Eurobarre
    [15/01/2007|20:30] C:\Program Files\Fake Webcam
    [17/02/2008|17:23] C:\Program Files\Fichiers communs
    [25/11/2007|12:09] C:\Program Files\Finale 2006
    [14/02/2007|13:23] C:\Program Files\FlightGear
    [17/07/2006|10:02] C:\Program Files\Foreignword
    [17/02/2007|09:48] C:\Program Files\Four ping warn
    [26/11/2006|17:15] C:\Program Files\GameSpy Arcade
    [24/01/2008|20:39] C:\Program Files\Google
    [20/06/2007|19:11] C:\Program Files\Grisoft
    [08/05/2007|12:50] C:\Program Files\Hornet 3 Demo
    [22/01/2008|17:43] C:\Program Files\InetGet2
    [20/02/2008|17:30] C:\Program Files\InstallShield Installation Information
    [04/05/2006|21:16] C:\Program Files\Intel
    [04/05/2006|21:16] C:\Program Files\InterActual
    [13/02/2008|21:14] C:\Program Files\Internet Explorer
    [10/06/2006|14:15] C:\Program Files\InterVideo
    [21/06/2006|12:22] C:\Program Files\Inventel
    [01/09/2007|10:00] C:\Program Files\Java
    [21/08/2007|11:34] C:\Program Files\K-Lite Codec Pack
    [03/05/2007|18:39] C:\Program Files\Lavalys
    [04/02/2007|11:55] C:\Program Files\Lavasoft
    [08/03/2008|14:05] C:\Program Files\LiveKillCleanMessenger
    [19/01/2008|10:41] C:\Program Files\Livre Album Fuji Photo
    [26/06/2006|13:58] C:\Program Files\Logitech
    [10/01/2008|17:31] C:\Program Files\Magic Karaoke Maker
    [10/06/2006|14:17] C:\Program Files\Managed DirectX (0901)
    [04/05/2006|21:24] C:\Program Files\McAfee
    [28/09/2007|16:44] C:\Program Files\MediaInfo
    [08/08/2006|11:36] C:\Program Files\Mediathek
    [27/01/2008|11:04] C:\Program Files\Messenger
    [26/02/2008|11:32] C:\Program Files\Messenger Plus! Live
    [14/02/2007|13:46] C:\Program Files\MessengerDiscovery
    [24/06/2006|20:33] C:\Program Files\MessengerPlus! 3
    [21/08/2006|09:32] C:\Program Files\Micro Application
    [10/05/2007|08:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/05/2006|17:05] C:\Program Files\Microsoft Encarta
    [11/05/2006|16:53] C:\Program Files\microsoft frontpage
    [18/11/2007|19:03] C:\Program Files\Microsoft Office
    [02/12/2007|09:23] C:\Program Files\Microsoft SQL Server Compact Edition
    [04/03/2007|20:23] C:\Program Files\Microsoft Visual Studio
    [19/04/2007|18:28] C:\Program Files\Microsoft Windows Script
    [04/03/2007|20:24] C:\Program Files\Microsoft Works
    [04/03/2007|20:22] C:\Program Files\Microsoft.NET
    [28/02/2008|18:22] C:\Program Files\Movie Maker
    [19/02/2008|10:11] C:\Program Files\Mozilla Firefox
    [02/09/2006|16:22] C:\Program Files\MP3 Player Utilities
    [04/03/2007|20:24] C:\Program Files\MSBuild
    [11/05/2006|16:38] C:\Program Files\MSN
    [20/08/2004|10:34] C:\Program Files\MSN Gaming Zone
    [15/08/2007|10:14] C:\Program Files\MSXML 4.0
    [02/07/2007|11:14] C:\Program Files\Multi_Media
    [25/06/2007|16:32] C:\Program Files\Multi_Media_France
    [04/05/2006|21:19] C:\Program Files\MyWaySA
    [27/06/2006|19:41] C:\Program Files\NASA
    [31/12/2006|11:58] C:\Program Files\Nero
    [14/02/2007|13:22] C:\Program Files\NetMeeting
    [18/02/2007|10:55] C:\Program Files\NTR Global
    [20/08/2004|10:34] C:\Program Files\Online Services
    [07/05/2007|16:42] C:\Program Files\Online_TV
    [04/04/2007|11:50] C:\Program Files\Orb Networks
    [28/02/2008|18:22] C:\Program Files\Outlook Express
    [14/05/2006|09:03] C:\Program Files\PIXELA
    [25/06/2007|16:33] C:\Program Files\Player Tool
    [14/02/2007|13:22] C:\Program Files\QuickTime
    [08/08/2006|09:03] C:\Program Files\Real
    [14/07/2006|10:54] C:\Program Files\RngInterstitial.dll
    [06/03/2007|17:24] C:\Program Files\Roxio
    [09/01/2008|18:43] C:\Program Files\ScanSoft
    [21/06/2006|12:17] C:\Program Files\Securitoo
    [20/08/2004|10:35] C:\Program Files\Services en ligne
    [04/05/2006|21:14] C:\Program Files\Sigmatel
    [08/08/2006|11:21] C:\Program Files\Smart Link
    [18/11/2007|19:09] C:\Program Files\SolidWorks
    [04/05/2006|21:22] C:\Program Files\Sonic
    [09/02/2008|11:17] C:\Program Files\StreamDown v6.4
    [18/11/2007|18:53] C:\Program Files\SW2007SDK
    [29/01/2008|17:18] C:\Program Files\Temporary
    [17/10/2006|18:32] C:\Program Files\TGTSoft
    [09/03/2008|17:12] C:\Program Files\Trend Micro
    [02/05/2007|14:08] C:\Program Files\Trymedia
    [04/07/2007|11:31] C:\Program Files\Ubisoft
    [30/06/2007|09:41] C:\Program Files\ViaVoice
    [20/10/2007|08:32] C:\Program Files\VideoLAN
    [04/05/2006|21:19] C:\Program Files\Viewpoint
    [28/09/2006|18:06] C:\Program Files\Virtual Look 2
    [28/08/2007|12:24] C:\Program Files\VirtualDJ
    [09/03/2008|09:23] C:\Program Files\Wanadoo
    [04/05/2006|21:20] C:\Program Files\Wanadoo Europe
    [14/02/2007|13:39] C:\Program Files\Webcamfirst
    [20/10/2007|08:52] C:\Program Files\Winamp
    [18/11/2007|19:02] C:\Program Files\Windows Desktop Search
    [28/02/2008|09:01] C:\Program Files\Windows Live
    [24/11/2007|11:16] C:\Program Files\Windows Live Favorites
    [03/12/2007|18:09] C:\Program Files\Windows Live Toolbar
    [29/08/2007|20:01] C:\Program Files\Windows Media Components
    [15/12/2006|21:40] C:\Program Files\Windows Media Connect 2
    [20/01/2008|20:20] C:\Program Files\Windows Media Player
    [20/08/2004|10:34] C:\Program Files\Windows NT
    [25/11/2006|11:48] C:\Program Files\WinRAR
    [20/08/2004|10:37] C:\Program Files\xerox
    [19/07/2007|18:30] C:\Program Files\Xi
    [20/05/2007|17:22] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [17/02/2008|17:23] C:\Program Files\Fichiers communs\.
    [17/02/2008|17:23] C:\Program Files\Fichiers communs\..
    [04/03/2007|11:08] C:\Program Files\Fichiers communs\Adobe
    [06/03/2007|18:06] C:\Program Files\Fichiers communs\Ahead
    [14/02/2007|13:22] C:\Program Files\Fichiers communs\AOL
    [16/07/2006|14:03] C:\Program Files\Fichiers communs\BOONTY Shared
    [05/05/2007|11:52] C:\Program Files\Fichiers communs\Corel
    [18/11/2007|19:05] C:\Program Files\Fichiers communs\DESIGNER
    [18/11/2007|19:12] C:\Program Files\Fichiers communs\eDrawings2007
    [06/01/2007|16:58] C:\Program Files\Fichiers communs\element5 Shared
    [23/06/2006|16:42] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [26/06/2006|13:58] C:\Program Files\Fichiers communs\FotoWire
    [04/05/2006|21:21] C:\Program Files\Fichiers communs\InstallShield
    [10/06/2006|18:32] C:\Program Files\Fichiers communs\InterVideo
    [04/05/2006|21:12] C:\Program Files\Fichiers communs\Java
    [26/06/2006|13:57] C:\Program Files\Fichiers communs\Logitech
    [07/06/2006|15:45] C:\Program Files\Fichiers communs\Micro Application Shared
    [02/12/2007|09:18] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/08/2004|10:35] C:\Program Files\Fichiers communs\MSSoap
    [04/05/2006|21:19] C:\Program Files\Fichiers communs\Nullsoft
    [04/03/2007|20:22] C:\Program Files\Fichiers communs\ODBC
    [20/10/2007|08:29] C:\Program Files\Fichiers communs\Real
    [04/05/2006|21:16] C:\Program Files\Fichiers communs\Roxio Shared
    [08/08/2006|09:03] C:\Program Files\Fichiers communs\Sandlot Shared
    [27/12/2006|17:12] C:\Program Files\Fichiers communs\ScanSoft Shared
    [20/08/2004|10:35] C:\Program Files\Fichiers communs\Services
    [18/11/2007|19:03] C:\Program Files\Fichiers communs\Solidworks Data
    [18/11/2007|19:09] C:\Program Files\Fichiers communs\SolidWorks Shared
    [06/03/2007|17:27] C:\Program Files\Fichiers communs\Sonic Shared
    [20/08/2004|10:30] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|12:10] C:\Program Files\Fichiers communs\System
    [02/12/2007|09:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [16/04/2007|18:30] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [15/01/2008|22:34] C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe
    [22/01/2008|17:35] C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Adverts
    C:\Program Files\Multi_Media
    C:\Program Files\Multi_Media\INSTALL.LOG
    C:\Program Files\Multi_Media_France
    C:\Program Files\Multi_Media_France\INSTALL.LOG
    C:\WINDOWS\Tasks\AB631C03918491DB.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-09 17:28:37
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation
    scanning hidden files ...
    C:\WINDOWS\System32\vxuzuwxdvv.dat 4873 bytes
    C:\WINDOWS\System32\vxuzuwxdvv.exe 388096 bytes executable
    C:\WINDOWS\System32\vxuzuwxdvv_nav.dat 387461 bytes
    C:\WINDOWS\System32\vxuzuwxdvv_navps.dat 2044 bytes
    scan completed successfully
    hidden files: 4

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\nvs2.inf
    ! EGDACCESS !

    C:\Program Files\Dot1XCfg
    ! Virus MSN !


    /!\ [Fich:119][Doss:18] C:\DOCUME~1\ROMAIN~1\LOCALS~1\Temp
    /!\ [Fich:104][Doss:0] C:\DOCUME~1\ROMAIN~1\Cookies
    /!\ [Fich:7325][Doss:13] C:\DOCUME~1\ROMAIN~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 17:28:59,07 ]----------------------
    9 March 2008 17:45:30

    Please help me!!!!!
    9 March 2008 17:49:25

    Hold on, calm down, I'm not at your beck and call!

    1)
  • Open BTFix again.
  • Click on Nettoyer.
  • A report will appear; copy and paste it into your next reply.

    2) Run Lop S&D again

  • This time choose Option 2 ( Suppression )
  • Do not close the window during the removal!
  • Post the generated report ( C:\lopR.txt )

    (If the Desktop does not reappear, press Ctrl + Alt + Del , File tab , New Task , type explorer.exe and confirm)

    3) Post a new HijackThis report.

    ;) 
    9 March 2008 18:11:22

    BTFix 1.085 (par bibi26) - 09/03/2008 18:07:55 - Nettoyage - Mode normal
    Lancé depuis C:\Documents and Settings\Romain RODRIGUEZ\Bureau\en cas de virus\BTFix\BTFix\BTFix.exe

    ---> Fichiers/dossiers supprimés (Première passe)

    - Fichiers temporaires effacés

    ---> Nettoyage terminé

    9 March 2008 18:17:09

    -----------------------------[ Lop S&D 4.0.4 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Romain RODRIGUEZ ] [ "C:\Lop SD" ]
    [ 09/03/2008 | 18:13:37,23 ] [ PC : R ]
    [ MAJ : 05-03-2008 | 13:30 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Multi_Media\INSTALL.LOG
    Supprimé! - C:\Program Files\Multi_Media_France\INSTALL.LOG
    Supprimé! - C:\WINDOWS\Tasks\AB631C03918491DB.job
    Supprimé! - C:\Program Files\Adverts
    Supprimé! - C:\Program Files\Multi_Media
    Supprimé! - C:\Program Files\Multi_Media_France
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprimé! - C:\Program Files\Boonty
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boonty
    Supprimé! - C:\Program Files\Online_TV
    Supprimé! - C:\Program Files\Viewpoint
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [09/03/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [09/03/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [03/03/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Tool Owns Dvd
    [19/01/2008|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [14/02/2007|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [28/05/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/02/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [05/05/2007|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [07/12/2007|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
    [20/08/2004|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [06/01/2007|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
    [17/02/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat
    [23/08/2006|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/06/2006|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installer.log
    [04/05/2006|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [10/06/2006|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [04/05/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [04/05/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [23/06/2006|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
    [24/06/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [25/06/2006|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/02/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [21/08/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [10/04/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbError.bmp
    [06/04/2007|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
    [04/05/2006|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [08/08/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [20/08/2004|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [09/01/2008|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [17/02/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [04/05/2006|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [29/10/2006|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [25/11/2006|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [02/08/2006|09:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [13/10/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [15/10/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [19/01/2008|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [04/05/2006|21:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
    [20/08/2004|10:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [20/08/2004|10:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [20/08/2004|10:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/05/2006|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [04/05/2006|21:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [29/10/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [29/10/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [11/05/2006|17:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
    [15/12/2006|21:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [29/10/2006|11:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [25/06/2006|14:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [11/05/2006|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\.
    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\..
    [10/01/2008|17:36] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Adobe
    [02/01/2007|17:57] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Ahead
    [18/03/2007|09:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ArcSoft
    [09/02/2008|20:42] C:\DOCUME~1\ROMAIN~1\APPLIC~1\BitTorrent
    [09/03/2008|18:02] C:\DOCUME~1\ROMAIN~1\APPLIC~1\BitTorrent DNA
    [17/03/2007|16:23] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Canon
    [27/02/2008|18:44] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Corel
    [11/05/2006|17:52] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Corel Photo Album
    [07/12/2007|16:30] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DassaultSystemes
    [20/08/2004|10:30] C:\DOCUME~1\ROMAIN~1\APPLIC~1\desktop.ini
    [14/02/2007|14:21] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DivX
    [26/07/2006|19:10] C:\DOCUME~1\ROMAIN~1\APPLIC~1\dvd.bmk
    [18/11/2007|19:14] C:\DOCUME~1\ROMAIN~1\APPLIC~1\DWGeditor
    [05/10/2006|18:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\eConf
    [04/11/2006|11:41] C:\DOCUME~1\ROMAIN~1\APPLIC~1\flightgear.org
    [26/06/2006|13:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FotoWire
    [03/03/2007|11:03] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Four ping warn
    [23/08/2006|10:56] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Google
    [17/02/2008|19:26] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Help
    [20/08/2004|10:41] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Identities
    [10/06/2006|17:28] C:\DOCUME~1\ROMAIN~1\APPLIC~1\InterVideo
    [24/06/2006|11:14] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Kazaa Lite
    [04/02/2007|11:55] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Lavasoft
    [11/05/2006|18:24] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Leadertech
    [31/01/2008|18:17] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Live-Prod
    [23/06/2006|16:52] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Macromedia
    [11/05/2006|18:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\McAfee.com Personal Firewall
    [15/10/2007|19:56] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Microsoft
    [11/05/2006|16:53] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Microsoft Web Folders
    [21/08/2007|10:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Mozilla
    [23/06/2006|16:53] C:\DOCUME~1\ROMAIN~1\APPLIC~1\MSNInstaller
    [02/12/2006|10:28] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ntr
    [04/11/2006|11:21] C:\DOCUME~1\ROMAIN~1\APPLIC~1\OpenCity
    [20/10/2007|08:29] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Real
    [27/12/2006|17:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\ScanSoft
    [17/05/2007|17:11] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Screenshot Sender
    [17/02/2008|17:15] C:\DOCUME~1\ROMAIN~1\APPLIC~1\skypePM
    [22/12/2007|19:32] C:\DOCUME~1\ROMAIN~1\APPLIC~1\SolidWorks
    [11/05/2006|18:27] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Sonic
    [04/05/2006|21:12] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Sun
    [25/06/2006|14:04] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Symantec
    [21/08/2007|10:58] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Talkback
    [15/05/2006|17:23] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Template
    [20/10/2007|08:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\vlc
    [26/02/2008|17:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Windows Live Writer
    [19/07/2007|18:33] C:\DOCUME~1\ROMAIN~1\APPLIC~1\Xi
    [04/05/2006|21:19] C:\DOCUME~1\ROMAIN~1\APPLIC~1\You've Got Pictures Screensaver

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [09/03/2008 18:10][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [12/05/2006 19:30][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprès de l'ISP.job
    [09/03/2008 18:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [09/03/2008|18:13] C:\Program Files\.
    [09/03/2008|18:13] C:\Program Files\..
    [10/01/2008|17:32] C:\Program Files\3D Flash Animator 4 Release 5
    [03/05/2007|18:14] C:\Program Files\Activision
    [18/11/2007|10:48] C:\Program Files\Activision Value
    [19/01/2008|22:24] C:\Program Files\Adobe
    [06/03/2007|18:07] C:\Program Files\Ahead
    [20/06/2007|19:56] C:\Program Files\Alwil Software
    [04/02/2007|19:07] C:\Program Files\Antipub
    [29/11/2006|20:53] C:\Program Files\Anyplace Control
    [09/03/2008|12:43] C:\Program Files\ArcSoft
    [03/01/2007|13:49] C:\Program Files\Atari
    [15/06/2007|18:32] C:\Program Files\Auralog
    [24/05/2007|21:04] C:\Program Files\Auran
    [23/02/2008|10:23] C:\Program Files\BankPerfect
    [09/02/2008|19:33] C:\Program Files\BitTorrent
    [25/06/2007|16:45] C:\Program Files\BitTorrent Fastest Tool
    [09/02/2008|19:33] C:\Program Files\BitTorrent_DNA
    [09/03/2007|17:46] C:\Program Files\Canon
    [03/02/2007|13:36] C:\Program Files\CanonBJ
    [08/03/2008|14:51] C:\Program Files\CCleaner
    [08/05/2007|12:46] C:\Program Files\Corel
    [03/01/2007|13:36] C:\Program Files\DAEMON Tools
    [14/02/2007|13:22] C:\Program Files\Dell
    [09/09/2006|09:35] C:\Program Files\Digital Photo Navigator 1.0
    [22/09/2007|08:30] C:\Program Files\DivX
    [14/02/2007|13:22] C:\Program Files\Donjon de Naheulbeulk
    [29/01/2008|17:18] C:\Program Files\Dot1XCfg
    [20/04/2007|18:41] C:\Program Files\Dragon Systems
    [18/11/2007|19:18] C:\Program Files\DWGeditor
    [03/05/2007|18:08] C:\Program Files\Elaborate Bytes
    [14/02/2007|13:23] C:\Program Files\eMule
    [14/02/2007|13:22] C:\Program Files\epson
    [26/07/2007|12:34] C:\Program Files\Eurobarre
    [15/01/2007|20:30] C:\Program Files\Fake Webcam
    [17/02/2008|17:23] C:\Program Files\Fichiers communs
    [25/11/2007|12:09] C:\Program Files\Finale 2006
    [14/02/2007|13:23] C:\Program Files\FlightGear
    [17/07/2006|10:02] C:\Program Files\Foreignword
    [17/02/2007|09:48] C:\Program Files\Four ping warn
    [26/11/2006|17:15] C:\Program Files\GameSpy Arcade
    [24/01/2008|20:39] C:\Program Files\Google
    [20/06/2007|19:11] C:\Program Files\Grisoft
    [08/05/2007|12:50] C:\Program Files\Hornet 3 Demo
    [22/01/2008|17:43] C:\Program Files\InetGet2
    [20/02/2008|17:30] C:\Program Files\InstallShield Installation Information
    [04/05/2006|21:16] C:\Program Files\Intel
    [04/05/2006|21:16] C:\Program Files\InterActual
    [13/02/2008|21:14] C:\Program Files\Internet Explorer
    [10/06/2006|14:15] C:\Program Files\InterVideo
    [21/06/2006|12:22] C:\Program Files\Inventel
    [01/09/2007|10:00] C:\Program Files\Java
    [21/08/2007|11:34] C:\Program Files\K-Lite Codec Pack
    [03/05/2007|18:39] C:\Program Files\Lavalys
    [04/02/2007|11:55] C:\Program Files\Lavasoft
    [08/03/2008|14:05] C:\Program Files\LiveKillCleanMessenger
    [19/01/2008|10:41] C:\Program Files\Livre Album Fuji Photo
    [26/06/2006|13:58] C:\Program Files\Logitech
    [10/01/2008|17:31] C:\Program Files\Magic Karaoke Maker
    [10/06/2006|14:17] C:\Program Files\Managed DirectX (0901)
    [04/05/2006|21:24] C:\Program Files\McAfee
    [28/09/2007|16:44] C:\Program Files\MediaInfo
    [08/08/2006|11:36] C:\Program Files\Mediathek
    [27/01/2008|11:04] C:\Program Files\Messenger
    [26/02/2008|11:32] C:\Program Files\Messenger Plus! Live
    [14/02/2007|13:46] C:\Program Files\MessengerDiscovery
    [24/06/2006|20:33] C:\Program Files\MessengerPlus! 3
    [21/08/2006|09:32] C:\Program Files\Micro Application
    [10/05/2007|08:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/05/2006|17:05] C:\Program Files\Microsoft Encarta
    [11/05/2006|16:53] C:\Program Files\microsoft frontpage
    [18/11/2007|19:03] C:\Program Files\Microsoft Office
    [02/12/2007|09:23] C:\Program Files\Microsoft SQL Server Compact Edition
    [04/03/2007|20:23] C:\Program Files\Microsoft Visual Studio
    [19/04/2007|18:28] C:\Program Files\Microsoft Windows Script
    [04/03/2007|20:24] C:\Program Files\Microsoft Works
    [04/03/2007|20:22] C:\Program Files\Microsoft.NET
    [28/02/2008|18:22] C:\Program Files\Movie Maker
    [19/02/2008|10:11] C:\Program Files\Mozilla Firefox
    [02/09/2006|16:22] C:\Program Files\MP3 Player Utilities
    [04/03/2007|20:24] C:\Program Files\MSBuild
    [11/05/2006|16:38] C:\Program Files\MSN
    [20/08/2004|10:34] C:\Program Files\MSN Gaming Zone
    [15/08/2007|10:14] C:\Program Files\MSXML 4.0
    [27/06/2006|19:41] C:\Program Files\NASA
    [31/12/2006|11:58] C:\Program Files\Nero
    [14/02/2007|13:22] C:\Program Files\NetMeeting
    [18/02/2007|10:55] C:\Program Files\NTR Global
    [20/08/2004|10:34] C:\Program Files\Online Services
    [04/04/2007|11:50] C:\Program Files\Orb Networks
    [28/02/2008|18:22] C:\Program Files\Outlook Express
    [14/05/2006|09:03] C:\Program Files\PIXELA
    [25/06/2007|16:33] C:\Program Files\Player Tool
    [14/02/2007|13:22] C:\Program Files\QuickTime
    [08/08/2006|09:03] C:\Program Files\Real
    [14/07/2006|10:54] C:\Program Files\RngInterstitial.dll
    [06/03/2007|17:24] C:\Program Files\Roxio
    [09/01/2008|18:43] C:\Program Files\ScanSoft
    [21/06/2006|12:17] C:\Program Files\Securitoo
    [20/08/2004|10:35] C:\Program Files\Services en ligne
    [04/05/2006|21:14] C:\Program Files\Sigmatel
    [08/08/2006|11:21] C:\Program Files\Smart Link
    [18/11/2007|19:09] C:\Program Files\SolidWorks
    [04/05/2006|21:22] C:\Program Files\Sonic
    [09/02/2008|11:17] C:\Program Files\StreamDown v6.4
    [18/11/2007|18:53] C:\Program Files\SW2007SDK
    [17/10/2006|18:32] C:\Program Files\TGTSoft
    [09/03/2008|17:12] C:\Program Files\Trend Micro
    [02/05/2007|14:08] C:\Program Files\Trymedia
    [04/07/2007|11:31] C:\Program Files\Ubisoft
    [30/06/2007|09:41] C:\Program Files\ViaVoice
    [20/10/2007|08:32] C:\Program Files\VideoLAN
    [28/09/2006|18:06] C:\Program Files\Virtual Look 2
    [28/08/2007|12:24] C:\Program Files\VirtualDJ
    [09/03/2008|18:05] C:\Program Files\Wanadoo
    [04/05/2006|21:20] C:\Program Files\Wanadoo Europe
    [14/02/2007|13:39] C:\Program Files\Webcamfirst
    [20/10/2007|08:52] C:\Program Files\Winamp
    [18/11/2007|19:02] C:\Program Files\Windows Desktop Search
    [28/02/2008|09:01] C:\Program Files\Windows Live
    [24/11/2007|11:16] C:\Program Files\Windows Live Favorites
    [03/12/2007|18:09] C:\Program Files\Windows Live Toolbar
    [29/08/2007|20:01] C:\Program Files\Windows Media Components
    [15/12/2006|21:40] C:\Program Files\Windows Media Connect 2
    [20/01/2008|20:20] C:\Program Files\Windows Media Player
    [20/08/2004|10:34] C:\Program Files\Windows NT
    [25/11/2006|11:48] C:\Program Files\WinRAR
    [20/08/2004|10:37] C:\Program Files\xerox
    [19/07/2007|18:30] C:\Program Files\Xi
    [20/05/2007|17:22] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [17/02/2008|17:23] C:\Program Files\Fichiers communs\.
    [17/02/2008|17:23] C:\Program Files\Fichiers communs\..
    [04/03/2007|11:08] C:\Program Files\Fichiers communs\Adobe
    [06/03/2007|18:06] C:\Program Files\Fichiers communs\Ahead
    [14/02/2007|13:22] C:\Program Files\Fichiers communs\AOL
    [16/07/2006|14:03] C:\Program Files\Fichiers communs\BOONTY Shared
    [05/05/2007|11:52] C:\Program Files\Fichiers communs\Corel
    [18/11/2007|19:05] C:\Program Files\Fichiers communs\DESIGNER
    [18/11/2007|19:12] C:\Program Files\Fichiers communs\eDrawings2007
    [06/01/2007|16:58] C:\Program Files\Fichiers communs\element5 Shared
    [23/06/2006|16:42] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [26/06/2006|13:58] C:\Program Files\Fichiers communs\FotoWire
    [04/05/2006|21:21] C:\Program Files\Fichiers communs\InstallShield
    [10/06/2006|18:32] C:\Program Files\Fichiers communs\InterVideo
    [04/05/2006|21:12] C:\Program Files\Fichiers communs\Java
    [26/06/2006|13:57] C:\Program Files\Fichiers communs\Logitech
    [07/06/2006|15:45] C:\Program Files\Fichiers communs\Micro Application Shared
    [02/12/2007|09:18] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/08/2004|10:35] C:\Program Files\Fichiers communs\MSSoap
    [04/05/2006|21:19] C:\Program Files\Fichiers communs\Nullsoft
    [04/03/2007|20:22] C:\Program Files\Fichiers communs\ODBC
    [20/10/2007|08:29] C:\Program Files\Fichiers communs\Real
    [04/05/2006|21:16] C:\Program Files\Fichiers communs\Roxio Shared
    [08/08/2006|09:03] C:\Program Files\Fichiers communs\Sandlot Shared
    [27/12/2006|17:12] C:\Program Files\Fichiers communs\ScanSoft Shared
    [20/08/2004|10:35] C:\Program Files\Fichiers communs\Services
    [18/11/2007|19:03] C:\Program Files\Fichiers communs\Solidworks Data
    [18/11/2007|19:09] C:\Program Files\Fichiers communs\SolidWorks Shared
    [06/03/2007|17:27] C:\Program Files\Fichiers communs\Sonic Shared
    [20/08/2004|10:30] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|12:10] C:\Program Files\Fichiers communs\System
    [02/12/2007|09:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [16/04/2007|18:30] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [15/01/2008|22:34] C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe
    [22/01/2008|17:35] C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-09 18:15:27
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation
    scanning hidden files ...
    C:\WINDOWS\System32\vxuzuwxdvv.dat 4872 bytes
    C:\WINDOWS\System32\vxuzuwxdvv.exe 388096 bytes executable
    C:\WINDOWS\System32\vxuzuwxdvv_nav.dat 387461 bytes
    C:\WINDOWS\System32\vxuzuwxdvv_navps.dat 2044 bytes
    scan completed successfully
    hidden files: 4

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\nvs2.inf
    ! EGDACCESS !

    C:\Program Files\Dot1XCfg
    ! Virus MSN !


    /!\ [Fich:1][Doss:2] C:\DOCUME~1\ROMAIN~1\LOCALS~1\Temp
    /!\ [Fich:105][Doss:0] C:\DOCUME~1\ROMAIN~1\Cookies
    /!\ [Fich:7568][Doss:13] C:\DOCUME~1\ROMAIN~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 18:15:44,89 ]----------------------
    9 March 2008 18:19:15

    :hello: 

    1) If you are on Vista, do this first / otherwise go straight to the next step ;)  :

    Disable UAC ( Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the box Use User Account Control ...
    and confirm with OK , you will be asked to restart, do so )


    2) Download Navilog1 by IL-MAFIOSO : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Depending on the antivirus you use, navilog1 may be detected as a virus !!!
    In that case, disable it during the download and the scan!!!!


    Tutorial : http://bibou0007.forumpro.fr/tutos-f45/fixnavilog1-t122...

    Save Target As... and save it to your desktop.
    Then double-click navilog1.exe to start the installation.
    Once the installation has finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the desktop).

    Let yourself be guided. At the main menu, choose 1 and confirm.
    (do not choose option 2, 3 or 4 without our advice/agreement)

    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as asked; Notepad will open.
    Copy and paste the whole report into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt)
    9 March 2008 18:20:01

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:19:34, on 09/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - C:\Program Files\Fichiers communs\holeC:\DOCUME~1\ROMAIN~1\LOCALS~1\Temp\mst455101.exe.dll (file missing)
    O2 - BHO: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [6E717573737A7877] E3E6EAE8E8EFED.exe
    O4 - HKLM\..\Run: [NlMediaCenter] C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
    O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MapiKind] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
    O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
    O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
    O17 - HKLM\Software\..\Telephony: DomainName = romain
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
    O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 15032 bytes
    9 Mars 2008 18:20:48

    :hello:

    1) If you are on Vista, do this first; otherwise go straight to the next step ;) :

    Disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ untick the box Use User Account Control ...
    and confirm with OK; you will be asked to restart, do so.)


    2) Download Navilog1 by IL-MAFIOSO: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Depending on the antivirus you use, navilog1 may be detected as a virus!!!
    In that case, disable it during the download and the scan!!!!


    Tutorial: http://bibou0007.forumpro.fr/tutos-f45/fixnavilog1-t122...

    Save Target As... and save it to your desktop.
    Then double-click navilog1.exe to start the installation.
    Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the desktop.)

    Follow the prompts. At the main menu, choose 1 and confirm.
    (Do not choose 2, 3 or 4 without our advice/agreement.)

    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as requested; Notepad will open.
    Copy and paste the whole report into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt).
    9 Mars 2008 18:32:08

    Search Navipromo version 3.5.0 commencé le 09/03/2008 à 18:24:24,15

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***




    *** Recherche dossiers dans C:\WINDOWS ***



    *** Recherche dossiers dans C:\Program Files ***



    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




    *** Recherche dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\applic~1" ***



    *** Recherche dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" ***



    *** Recherche dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\menudm~1\progra~1" ***


    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Fichier(s) caché(s) :

    C:\WINDOWS\system32\vxuzuwxdvv.dat
    C:\WINDOWS\system32\vxuzuwxdvv.exe
    C:\WINDOWS\system32\vxuzuwxdvv_nav.dat
    C:\WINDOWS\system32\vxuzuwxdvv_navps.dat



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    * Recherche dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" *



    *** Recherche fichiers ***


    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !


    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans C:\WINDOWS\system32 :

    vxuzuwxdvv.dat trouvé !

    * Dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat OOO-Favorit trouvé !

    4)Recherche fichiers connus :



    *** Analyse terminée le 09/03/2008 à 18:31:42,34 ***
    9 Mars 2008 18:44:51

    Is there anything else to do or not?
    9 Mars 2008 18:56:52

    Hi again,

    There is still quite a lot to do, we won't be finished today :) I will tell you when everything is OK.

    1) Double-click the Navilog1 shortcut on the desktop and follow the prompts.
    At the main menu, choose 2 and confirm.

    The fix will tell you that it is going to restart your PC.
    Close all open windows and save any personal documents you have open.
    Press a key as requested.
    (If your PC does not restart automatically, restart it yourself.)
    When your PC restarts, log in to your usual session.

    Wait for the message:
    *** Nettoyage Termine le ..... ***
    Notepad will open.
    Save the report somewhere you can find it again.
    Close Notepad. Your desktop will reappear.

    PS: If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "Run".
    Type explorer and confirm. This will bring your desktop back.


    2) Go to Start/Control Panel/Internet Options
    - "Content" tab, then "Certificates", and if you find any of these, in particular under "Trusted Publishers", but look elsewhere too:
    electronic-group
    egroup
    Montorgueil
    VIP
    "Sunny Day Design Ltd"
    ooo <<Favorit>>
    Favorit


    Delete them.

    3) Restart normally and post the cleannavi.txt report.
    9 Mars 2008 19:10:33

    Clean Navipromo version 3.5.0 commencé le 09/03/2008 à 18:59:09,53

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    *** Creation backups fichiers trouvés par Catchme ***

    Copie vers "C:\Program Files\navilog1\Backupnavi"

    Copie C:\WINDOWS\system32\vxuzuwxdvv.dat réalisée avec succès !
    Copie C:\WINDOWS\system32\vxuzuwxdvv.exe réalisée avec succès !
    Copie C:\WINDOWS\system32\vxuzuwxdvv_nav.dat réalisée avec succès !
    Copie C:\WINDOWS\system32\vxuzuwxdvv_navps.dat réalisée avec succès !

    *** Suppression des fichiers trouvés avec Catchme ***

    C:\WINDOWS\system32\vxuzuwxdvv.dat supprimé !
    C:\WINDOWS\system32\vxuzuwxdvv.exe supprimé !
    C:\WINDOWS\system32\vxuzuwxdvv_nav.dat supprimé !
    C:\WINDOWS\system32\vxuzuwxdvv_navps.dat supprimé !

    ** 2ème passage avec résultats Catchme **

    * Dans C:\WINDOWS\system32 *


    C:\WINDOWS\prefetch\vxuzuwxdvv*.pf trouvé !
    Copie C:\WINDOWS\prefetch\vxuzuwxdvv*.pf réalisée avec succès !
    C:\WINDOWS\prefetch\vxuzuwxdvv*.pf supprimé !

    * Dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" *


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans C:\WINDOWS\System32 *


    * Suppression dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" *



    *** Suppression dossiers dans C:\WINDOWS ***


    *** Suppression dossiers dans C:\Program Files ***


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


    *** Suppression dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Romain RODRIGUEZ\menudm~1\progra~1" ***


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***



    *** Suppression fichiers ***

    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Romain RODRIGUEZ\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans C:\WINDOWS\system32 *


    * Dans "C:\Documents and Settings\Romain RODRIGUEZ\locals~1\applic~1" *


    *** Sauvegarde du Registre vers dossier Backupnavi ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat OOO-Favorit supprimé !

    *** Nettoyage terminé le 09/03/2008 à 19:05:52,51 ***

    9 Mars 2008 19:17:41

    None of them are there.
    9 Mars 2008 19:27:09

    Download SDFix (created by AndyManchesta) and save it to your Desktop.
    User guide: http://mickael.barroux.free.fr/securite/sdfix.php

    Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in Safe Mode using the following procedure:
  • Restart your computer.
  • After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
  • Instead of Windows loading normally, a menu with various options should appear.
  • Choose the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your account.
    Work through the list of instructions below:
  • Open the SDFix folder that has just been created on the Desktop and double-click RunThis.bat to start the script.
  • Press Y to begin the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • Once the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
  • Finally, copy and paste the contents of Report.txt into your next reply on the forum.
    N.B.:
    - The file SDFIX_README.htm (in the SDFix folder) contains the list of malware handled by the tool.
    - Andy releases several updates, often more than one a day... So do not hesitate to ask to download a new version when the cleanup drags on and the tool does not seem to see everything.
    12 Mars 2008 14:28:56

    SDFix: Version 1.156

    Run by Romain RODRIGUEZ on 12/03/2008 at 14:07

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :

    Name:
    Windows Log

    Path:
    C:\WINDOWS\system32\nvsvcd.exe

    Windows Log - Deleted



    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\WINDOWS\SYSTEM32\E3E6EA~1.EXE - Deleted
    C:\VDM10.TMP - Deleted
    C:\VDMD.TMP - Deleted
    C:\VDME.TMP - Deleted
    C:\VDMF.TMP - Deleted
    C:\Program Files\InetGet2\YazzleBundle-1560.exe - Deleted
    C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe - Deleted
    C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe - Deleted
    C:\WINDOWS\17PHolmes1423.exe - Deleted



    Folder C:\Program Files\Dot1XCfg - Removed
    Folder C:\Program Files\InetGet2 - Removed


    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-12 14:14:02
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:699e07cb
    "s2"=dword:456dc1eb
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:0a,c2,1d,3a,76,9e,ca,30,94,ba,05,6d,b1,d2,19,d1,c7,a8,5b,27,93,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,85,8b,56,5f,32,49,47,f4,8d,84,ed,29,83,14,f0,cf,7b,..
    "khjeh"=hex:98,df,2e,76,1e,fe,31,e2,4f,71,08,3b,56,f7,26,37,77,d1,db,e5,cd,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:88,a8,ff,50,0b,49,4e,0c,72,44,ff,fc,92,c5,fe,1b,29,df,6b,d3,72,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:0a,c2,1d,3a,76,9e,ca,30,94,ba,05,6d,b1,d2,19,d1,c7,a8,5b,27,93,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,85,8b,56,5f,32,49,47,f4,8d,84,ed,29,83,14,f0,cf,7b,..
    "khjeh"=hex:98,df,2e,76,1e,fe,31,e2,4f,71,08,3b,56,f7,26,37,77,d1,db,e5,cd,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:88,a8,ff,50,0b,49,4e,0c,72,44,ff,fc,92,c5,fe,1b,29,df,6b,d3,72,..

    scanning hidden registry entries ...

    scanning hidden files ...


    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 15


    Remaining Services :



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\Bureau\\cz\\hlds.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\Bureau\\cz\\hlds.exe:*:Enabled:HLDS Launcher"
    "C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"
    "C:\\WINDOWS\\system32\\fxsclnt.exe"="C:\\WINDOWS\\system32\\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
    "C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\PeerTV\\PeerCast.exe"="C:\\Program Files\\PeerTV\\PeerCast.exe:*:Enabled:PeerCast"
    "C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
    "C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD:*:Disabled:Age of Empires II"
    "C:\\Program Files\\Orange Link\\Application\\eConfv4\\olinkp.exe"="C:\\Program Files\\Orange Link\\Application\\eConfv4\\olinkp.exe:*:Enabled:Orange Link Player"
    "C:\\Program Files\\Orange Link\\Application\\Exe\\Orange Link.exe"="C:\\Program Files\\Orange Link\\Application\\Exe\\Orange Link.exe:*:Enabled:Orange Link"
    "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe"="C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe:*:Enabled:p eerCast"
    "C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe"="C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe:*:Enabled:Streamer"
    "C:\\Program Files\\MaxTV Online\\maxtv.exe"="C:\\Program Files\\MaxTV Online\\maxtv.exe:*:Enabled:maxtv"
    "C:\\Program Files\\Atari\\Deer Hunter 2004 Demo\\DH2004Demo.exe"="C:\\Program Files\\Atari\\Deer Hunter 2004 Demo\\DH2004Demo.exe:*:Enabled:D H2004Demo"
    "C:\\Program Files\\Anyplace Control\\apc_host.exe"="C:\\Program Files\\Anyplace Control\\apc_host.exe:*:Enabled:Anyplace Control: www.anyplace-control.com"
    "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\\Program Files\\Atari\\Deer Hunter 2005 Demo\\DH2005Demo.exe"="C:\\Program Files\\Atari\\Deer Hunter 2005 Demo\\DH2005Demo.exe:*:Enabled:D H2005Demo"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\Local Settings\\Temp\\Rar$EX01.531\\emule.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\Local Settings\\Temp\\Rar$EX01.531\\emule.exe:*:Enabled:eMule"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\Local Settings\\Temp\\Rar$EX05.500\\emule.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\Local Settings\\Temp\\Rar$EX05.500\\emule.exe:*:Enabled:eMule"
    "C:\\xtrem\\emule.exe"="C:\\xtrem\\emule.exe:*:Enabled:eMule"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Atari\\Deer Hunter 2005\\DH2005.exe"="C:\\Program Files\\Atari\\Deer Hunter 2005\\DH2005.exe:*:Enabled:D H2005"
    "C:\\Program Files\\MessengerDiscovery\\Loader.exe"="C:\\Program Files\\MessengerDiscovery\\Loader.exe:*:D isabled:Loader"
    "C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:D isabled:MessengerDiscovery Live the Windows Live Messenger addon"
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\Mes documents\\PicoPhone164.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\Mes documents\\PicoPhone164.exe:*:Enabled:p icoPhone164"
    "C:\\Program Files\\PopCap Games\\Zuma Deluxe\\Zuma.exe"="C:\\Program Files\\PopCap Games\\Zuma Deluxe\\Zuma.exe:*:Enabled:Zuma"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe:*:Enabled:o rb"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe:*:Enabled:o rbTray"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe:*:Enabled:o rb Stream Client"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe:*:Enabled:o rbTVGuide"
    "C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"="C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe:*:Enabled:o rbChannelScan"
    "C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"="C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe:*:D isabled:NetXfer Download Manager"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\DOCUME~1\\ROMAIN~1\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\ROMAIN~1\\LOCALS~1\\Temp\\services.exe:*:Enabled:ValueX"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\qmmyqz.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\qmmyqz.exe:*:Enabled:NlMediaCenter"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\xjfynp.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\xjfynp.exe:*:Enabled:NlMediaCenter"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\iyyjtt.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\iyyjtt.exe:*:Enabled:NlMediaCenter"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\jyqeqy.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\jyqeqy.exe:*:Enabled:NlMediaCenter"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\yuhvof.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\yuhvof.exe:*:Enabled:NlMediaCenter"
    "C:\\Documents and Settings\\Romain RODRIGUEZ\\owucxm.exe"="C:\\Documents and Settings\\Romain RODRIGUEZ\\owucxm.exe:*:Enabled:NlMediaCenter"
    "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
    "C:\\Program Files\\BitTorrent_DNA\\dna.exe"="C:\\Program Files\\BitTorrent_DNA\\dna.exe:*:Enabled:BitTorrent DNA"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
    "C:\\Team17\\Worms World Party\\wwp.exe"="C:\\Team17\\Worms World Party\\wwp.exe:*:Enabled:Worms World Party"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Fri 12 May 2006 88 A.SHR --- "C:\i386\49F4545378.sys"
    Fri 12 May 2006 56 A.SHR --- "C:\i386\785354F449.sys"
    Sat 13 May 2006 4,184 A.SH. --- "C:\i386\KGyGaAvL.sys"
    Sat 5 May 2007 88 ..SHR --- "C:\WINDOWS\system32\36DD7DC8C4.sys"
    Sat 21 Apr 2007 88 ..SHR --- "C:\WINDOWS\system32\49F4545378.sys"
    Sat 17 Mar 2007 56 ..SHR --- "C:\WINDOWS\system32\785354F449.sys"
    Wed 27 Feb 2008 9,134 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
    Fri 17 Nov 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Tue 7 Feb 2006 299,008 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe"
    Mon 25 Apr 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\uinstrsc.dll"
    Fri 15 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT12.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT15.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT19.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT11.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT16.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT13.tmp"
    Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BITE.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT18.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT14.tmp"
    Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT17.tmp"
    Wed 29 Aug 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e5fb48c7a6be3f22de8aaab67292519d\BITD.tmp"
    Tue 12 Dec 2006 19,456 ...H. --- "C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\Dossier Romain\Word\rapport de stage 2006\~WRL0249.tmp"

    Finished!

    12 March 2008 14:51:39

    Hi, are there any other steps to do? Thanks
    And actually, what did I have and what did it do to my PC? Thanks, see you
    12 March 2008 21:41:58

    :hello: 

    Post a new HijackThis report :super:
    13 March 2008 17:54:44

    OK, I'll do it right away
    thanks again
    13 March 2008 18:02:13

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:59:36, on 13/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\BitTorrent_DNA\dna.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Alwil Software\Avast4\setup\avast.setup

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - C:\Program Files\Fichiers communs\holeC:\DOCUME~1\ROMAIN~1\LOCALS~1\Temp\mst455101.exe.dll (file missing)
    O2 - BHO: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NlMediaCenter] C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
    O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MapiKind] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
    O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
    O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
    O17 - HKLM\Software\..\Telephony: DomainName = romain
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 14864 bytes
    13 March 2008 18:56:40

    Rapport lopxpMH2 version 2.0 fait à 18:56:15,89 le 13/03/2008
    C:\Documents and Settings\Romain RODRIGUEZ\Bureau\en cas de virus

    ******************************************
    ## Répertoires Application Data

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\All Users\Application Data

    20/08/2004 10:30 <REP> .
    20/08/2004 10:30 <REP> ..
    31/10/2006 11:24 <REP> Admin Tool Owns Dvd
    04/03/2007 11:07 <REP> Adobe
    04/05/2006 21:18 <REP> AOL
    28/05/2006 12:05 <REP> Apple Computer
    03/02/2007 13:03 <REP> CanonBJ
    05/05/2007 10:16 <REP> Corel
    07/12/2007 16:30 <REP> DassaultSystemes
    06/01/2007 16:58 <REP> element5
    23/08/2006 10:48 <REP> Google
    04/05/2006 21:21 <REP> InstallShield
    10/06/2006 14:56 <REP> InterVideo
    04/05/2006 21:24 <REP> McAfee
    04/05/2006 21:24 <REP> McAfee.com
    04/05/2006 21:24 <REP> McAfee.com Personal Firewall
    24/06/2006 20:27 <REP> Messenger Plus!
    20/08/2004 10:30 <REP> Microsoft
    04/03/2007 20:18 <REP> Microsoft Help
    21/08/2007 10:58 <REP> Mozilla
    03/04/2007 17:19 <REP> OrbNetworks
    04/05/2006 21:19 <REP> QuickTime
    08/08/2006 09:03 <REP> Sandlot Games
    20/08/2004 10:46 <REP> SBSI
    27/12/2006 17:12 <REP> ScanSoft
    17/02/2008 17:11 <REP> Skype
    04/05/2006 21:16 <REP> Sonic
    25/06/2006 14:04 <REP> Symantec
    25/11/2006 13:14 <REP> Trymedia
    02/08/2006 09:08 <REP> Windows Genuine Advantage
    13/10/2007 10:47 <REP> Windows Live Toolbar
    04/07/2007 20:06 <REP> WindowsLiveInstaller
    04/07/2007 20:06 <REP> WLInstaller
    20/08/2004 10:30 62 desktop.ini
    17/02/2008 17:15 32 ezsid.dat
    26/06/2006 13:55 0 Installer.log
    08/04/2007 21:18 1 228 854 OrbError.bmp
    4 fichier(s) 1 228 948 octets
    33 Rép(s) 3 750 207 488 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\Default User\Application Data

    20/08/2004 10:30 <REP> .
    20/08/2004 10:30 <REP> ..
    11/05/2006 16:35 <REP> Corel
    11/05/2006 16:35 <REP> Identities
    20/08/2004 10:30 <REP> Microsoft
    11/05/2006 16:35 <REP> Sun
    11/05/2006 16:35 <REP> You've Got Pictures Screensaver
    20/08/2004 10:30 62 desktop.ini
    1 fichier(s) 62 octets
    7 Rép(s) 3 750 207 488 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

    20/08/2004 10:30 <REP> .
    20/08/2004 10:30 <REP> ..
    11/05/2006 16:35 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
    11/05/2006 16:35 <REP> ApplicationHistory
    20/08/2004 10:37 <REP> Microsoft
    11/04/2007 08:01 <REP> Microsoft Help
    11/05/2006 16:35 135 fusioncache.dat
    1 fichier(s) 135 octets
    6 Rép(s) 3 750 215 680 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\LocalService\Application Data

    20/08/2004 10:41 <REP> .
    20/08/2004 10:41 <REP> ..
    11/05/2006 17:26 <REP> McAfee.com Personal Firewall
    20/08/2004 10:41 <REP> Microsoft
    0 fichier(s) 0 octets
    4 Rép(s) 3 750 215 680 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

    20/08/2004 10:41 <REP> .
    20/08/2004 10:41 <REP> ..
    20/08/2004 10:41 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 3 750 211 584 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\NetworkService\Application Data

    20/08/2004 10:41 <REP> .
    20/08/2004 10:41 <REP> ..
    20/08/2004 10:41 <REP> Microsoft
    25/06/2006 14:14 <REP> Symantec
    0 fichier(s) 0 octets
    4 Rép(s) 3 750 211 584 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

    20/08/2004 10:41 <REP> .
    20/08/2004 10:41 <REP> ..
    20/08/2004 10:41 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 3 750 211 584 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\Propriétaire\Application Data

    11/05/2006 16:46 <REP> .
    11/05/2006 16:46 <REP> ..
    11/05/2006 16:46 <REP> You've Got Pictures Screensaver
    0 fichier(s) 0 octets
    3 Rép(s) 3 750 211 584 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\Romain RODRIGUEZ\Application Data

    11/05/2006 16:35 <REP> .
    11/05/2006 16:35 <REP> ..
    12/05/2006 16:34 <REP> Adobe
    31/12/2006 12:01 <REP> Ahead
    06/01/2007 17:00 <REP> ArcSoft
    09/02/2008 19:34 <REP> BitTorrent
    09/02/2008 19:33 <REP> BitTorrent DNA
    27/12/2006 17:20 <REP> Canon
    11/05/2006 16:35 <REP> Corel
    11/05/2006 17:52 <REP> Corel Photo Album
    07/12/2007 16:30 <REP> DassaultSystemes
    14/02/2007 14:21 <REP> DivX
    18/11/2007 19:14 <REP> DWGeditor
    05/10/2006 18:12 <REP> eConf
    04/11/2006 11:41 <REP> flightgear.org
    26/06/2006 13:58 <REP> FotoWire
    31/10/2006 11:23 <REP> Four ping warn
    23/06/2006 18:49 <REP> Google
    21/06/2006 12:41 <REP> Help
    11/05/2006 16:35 <REP> Identities
    10/06/2006 14:55 <REP> InterVideo
    24/06/2006 11:14 <REP> Kazaa Lite
    04/02/2007 11:55 <REP> Lavasoft
    11/05/2006 18:24 <REP> Leadertech
    31/01/2008 18:17 <REP> Live-Prod
    11/05/2006 17:02 <REP> Macromedia
    11/05/2006 16:36 <REP> McAfee.com Personal Firewall
    11/05/2006 16:35 <REP> Microsoft
    11/05/2006 16:53 <REP> Microsoft Web Folders
    21/08/2007 10:58 <REP> Mozilla
    23/06/2006 16:53 <REP> MSNInstaller
    29/11/2006 21:04 <REP> ntr
    04/11/2006 11:21 <REP> OpenCity
    14/07/2006 10:45 <REP> Real
    27/12/2006 17:12 <REP> ScanSoft
    03/04/2007 12:22 <REP> Screenshot Sender
    17/02/2008 17:15 <REP> skypePM
    18/11/2007 19:14 <REP> SolidWorks
    11/05/2006 18:27 <REP> Sonic
    11/05/2006 16:35 <REP> Sun
    25/06/2006 14:04 <REP> Symantec
    21/08/2007 10:58 <REP> Talkback
    15/05/2006 17:23 <REP> Template
    30/10/2006 22:22 <REP> vlc
    26/02/2008 17:33 <REP> Windows Live Writer
    19/07/2007 18:33 <REP> Xi
    11/05/2006 16:35 <REP> You've Got Pictures Screensaver
    11/05/2006 16:35 62 desktop.ini
    11/06/2006 10:08 1 536 dvd.bmk
    2 fichier(s) 1 598 octets
    47 Rép(s) 3 750 207 488 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Documents and Settings\Romain RODRIGUEZ\Local Settings\Application Data

    11/05/2006 16:35 <REP> .
    11/05/2006 16:35 <REP> ..
    11/05/2006 16:35 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
    26/07/2006 14:26 <REP> Adobe
    31/12/2006 12:04 <REP> Ahead
    15/11/2006 13:26 <REP> Apple Computer
    11/05/2006 16:35 <REP> ApplicationHistory
    09/02/2008 19:33 <REP> BitTorrent DNA
    11/05/2006 17:52 <REP> Corel Photo Album
    07/12/2007 16:30 <REP> DassaultSystemes
    23/06/2006 18:49 <REP> Google
    21/06/2006 12:41 <REP> Help
    25/06/2006 09:16 <REP> Identities
    26/06/2006 14:02 <REP> Logitech-LS
    11/05/2006 16:35 <REP> Microsoft
    04/03/2007 20:18 <REP> Microsoft Help
    21/08/2007 10:58 <REP> Mozilla
    07/12/2007 16:50 <REP> OD2
    07/05/2007 16:53 <REP> Online_TV
    03/09/2007 22:34 <REP> PCHealth
    04/02/2007 20:39 <REP> Pixoria
    14/02/2007 20:45 <REP> RcIncidents
    26/02/2008 17:33 <REP> Windows Live Writer
    11/05/2006 18:33 <REP> WMTools Downloaded Files
    13/05/2006 09:10 235 520 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    11/05/2006 16:35 139 fusioncache.dat
    11/05/2006 17:52 129 976 GDIPFONTCACHEV1.DAT
    01/03/2008 23:29 1 578 256 IconCache.db
    4 fichier(s) 1 943 891 octets
    24 Rép(s) 3 750 207 488 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

    20/08/2004 10:40 <REP> .
    20/08/2004 10:40 <REP> ..
    11/05/2006 16:35 <REP> Corel
    11/05/2006 16:35 <REP> Identities
    11/05/2006 16:36 <REP> McAfee.com Personal Firewall
    20/08/2004 10:40 <REP> Microsoft
    11/05/2006 16:35 <REP> Sun
    11/05/2006 16:35 <REP> You've Got Pictures Screensaver
    20/08/2004 10:40 62 desktop.ini
    1 fichier(s) 62 octets
    8 Rép(s) 3 750 207 488 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

    20/08/2004 10:40 <REP> .
    20/08/2004 10:40 <REP> ..
    11/05/2006 16:35 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
    11/05/2006 16:35 <REP> ApplicationHistory
    20/08/2004 10:40 <REP> Microsoft
    30/09/2007 11:00 <REP> WindowsLiveInstaller
    11/05/2006 16:35 135 fusioncache.dat
    11/05/2006 16:35 3 249 262 IconCache.db
    2 fichier(s) 3 249 397 octets
    6 Rép(s) 3 750 207 488 octets libres

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks


    C:\WINDOWS\Tasks\Rappel
    Rappel inexploitable


    C:\WINDOWS\Tasks\Vérifier
    Vérifier inexploitable

    ******************************************
    ## Répertoires de C:\Program Files

    Le volume dans le lecteur C n'a pas de nom.
    Le numéro de série du volume est 8456-B09E

    Répertoire de C:\Program Files

    12/03/2008 14:13 <REP> .
    12/03/2008 14:13 <REP> ..
    10/01/2008 17:32 <REP> 3D Flash Animator 4 Release 5
    03/05/2007 18:14 <REP> Activision
    18/11/2007 10:48 <REP> Activision Value
    19/01/2008 22:24 <REP> Adobe
    06/03/2007 18:07 <REP> Ahead
    20/06/2007 19:56 <REP> Alwil Software
    04/02/2007 19:07 <REP> Antipub
    29/11/2006 20:53 <REP> Anyplace Control
    09/03/2008 12:43 <REP> ArcSoft
    03/01/2007 13:49 <REP> Atari
    15/06/2007 18:32 <REP> Auralog
    24/05/2007 21:04 <REP> Auran
    23/02/2008 10:23 <REP> BankPerfect
    09/02/2008 19:33 <REP> BitTorrent
    25/06/2007 16:45 <REP> BitTorrent Fastest Tool
    09/02/2008 19:33 <REP> BitTorrent_DNA
    09/03/2007 17:46 <REP> Canon
    08/03/2008 14:51 <REP> CCleaner
    08/05/2007 12:46 <REP> Corel
    03/01/2007 13:36 <REP> DAEMON Tools
    14/02/2007 13:22 <REP> Dell
    09/09/2006 09:35 <REP> Digital Photo Navigator 1.0
    22/09/2007 08:30 <REP> DivX
    14/02/2007 13:22 <REP> Donjon de Naheulbeulk
    20/04/2007 18:41 <REP> Dragon Systems
    18/11/2007 19:18 <REP> DWGeditor
    03/05/2007 18:08 <REP> Elaborate Bytes
    14/02/2007 13:23 <REP> eMule
    14/02/2007 13:22 <REP> epson
    26/07/2007 12:34 <REP> Eurobarre
    15/01/2007 20:30 <REP> Fake Webcam
    12/03/2008 14:11 <REP> Fichiers communs
    25/11/2007 12:09 <REP> Finale 2006
    14/02/2007 13:23 <REP> FlightGear
    17/07/2006 10:02 <REP> Foreignword
    17/02/2007 09:48 <REP> Four ping warn
    26/11/2006 17:15 <REP> GameSpy Arcade
    24/01/2008 20:39 <REP> Google
    20/06/2007 19:11 <REP> Grisoft
    08/05/2007 12:50 <REP> Hornet 3 Demo
    04/05/2006 21:16 <REP> Intel
    04/05/2006 21:16 <REP> InterActual
    13/02/2008 21:14 <REP> Internet Explorer
    10/06/2006 14:15 <REP> InterVideo
    21/06/2006 12:22 <REP> Inventel
    01/09/2007 10:00 <REP> Java
    21/08/2007 11:34 <REP> K-Lite Codec Pack
    03/05/2007 18:39 <REP> Lavalys
    04/02/2007 11:55 <REP> Lavasoft
    08/03/2008 14:05 <REP> LiveKillCleanMessenger
    19/01/2008 10:41 <REP> Livre Album Fuji Photo
    26/06/2006 13:58 <REP> Logitech
    10/01/2008 17:31 <REP> Magic Karaoke Maker
    10/06/2006 14:17 <REP> Managed DirectX (0901)
    04/05/2006 21:24 <REP> McAfee
    28/09/2007 16:44 <REP> MediaInfo
    08/08/2006 11:36 <REP> Mediathek
    27/01/2008 11:04 <REP> Messenger
    26/02/2008 11:32 <REP> Messenger Plus! Live
    14/02/2007 13:46 <REP> MessengerDiscovery
    24/06/2006 20:33 <REP> MessengerPlus! 3
    21/08/2006 09:32 <REP> Micro Application
    10/05/2007 08:05 <REP> Microsoft CAPICOM 2.1.0.2
    11/05/2006 17:05 <REP> Microsoft Encarta
    11/05/2006 16:53 <REP> microsoft frontpage
    18/11/2007 19:03 <REP> Microsoft Office
    02/12/2007 09:23 <REP> Microsoft SQL Server Compact Edition
    04/03/2007 20:23 <REP> Microsoft Visual Studio
    19/04/2007 18:28 <REP> Microsoft Windows Script
    04/03/2007 20:24 <REP> Microsoft Works
    04/03/2007 20:22 <REP> Microsoft.NET
    28/02/2008 18:22 <REP> Movie Maker
    19/02/2008 10:11 <REP> Mozilla Firefox
    02/09/2006 16:22 <REP> MP3 Player Utilities
    04/03/2007 20:24 <REP> MSBuild
    11/05/2006 16:38 <REP> MSN
    20/08/2004 10:34 <REP> MSN Gaming Zone
    15/08/2007 10:14 <REP> MSXML 4.0
    27/06/2006 19:41 <REP> NASA
    09/03/2008 19:05 <REP> Navilog1
    31/12/2006 11:58 <REP> Nero
    14/02/2007 13:22 <REP> NetMeeting
    18/02/2007 10:55 <REP> NTR Global
    20/08/2004 10:34 <REP> Online Services
    04/04/2007 11:50 <REP> Orb Networks
    28/02/2008 18:22 <REP> Outlook Express
    14/05/2006 09:03 <REP> PIXELA
    25/06/2007 16:33 <REP> Player Tool
    14/02/2007 13:22 <REP> QuickTime
    08/08/2006 09:03 <REP> Real
    14/07/2006 10:54 774 144 RngInterstitial.dll
    06/03/2007 17:24 <REP> Roxio
    09/01/2008 18:43 <REP> ScanSoft
    21/06/2006 12:17 <REP> Securitoo
    20/08/2004 10:35 <REP> Services en ligne
    04/05/2006 21:14 <REP> Sigmatel
    08/08/2006 11:21 <REP> Smart Link
    18/11/2007 19:09 <REP> SolidWorks
    04/05/2006 21:22 <REP> Sonic
    09/02/2008 11:17 <REP> StreamDown v6.4
    18/11/2007 18:53 <REP> SW2007SDK
    17/10/2006 18:32 <REP> TGTSoft
    09/03/2008 17:12 <REP> Trend Micro
    02/05/2007 14:08 <REP> Trymedia
    04/07/2007 11:31 <REP> Ubisoft
    30/06/2007 09:41 <REP> ViaVoice
    20/10/2007 08:32 <REP> VideoLAN
    28/09/2006 18:06 <REP> Virtual Look 2
    28/08/2007 12:24 <REP> VirtualDJ
    13/03/2008 17:57 <REP> Wanadoo
    04/05/2006 21:20 <REP> Wanadoo Europe
    14/02/2007 13:39 <REP> Webcamfirst
    20/10/2007 08:52 <REP> Winamp
    18/11/2007 19:02 <REP> Windows Desktop Search
    28/02/2008 09:01 <REP> Windows Live
    24/11/2007 11:16 <REP> Windows Live Favorites
    03/12/2007 18:09 <REP> Windows Live Toolbar
    29/08/2007 20:01 <REP> Windows Media Components
    15/12/2006 21:40 <REP> Windows Media Connect 2
    20/01/2008 20:20 <REP> Windows Media Player
    20/08/2004 10:34 <REP> Windows NT
    25/11/2006 11:48 <REP> WinRAR
    20/08/2004 10:37 <REP> xerox
    19/07/2007 18:30 <REP> Xi
    20/05/2007 17:22 <REP> Yahoo!
    1 fichier(s) 774 144 octets
    126 Rép(s) 3 750 182 912 octets libres

    ******************************************
    ## Popups autorisées

    * Internet Explorer

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow

    * Mozilla Firefox (1 autorisé 2 interdit)

    ---------- C:\DOCUMENTS AND SETTINGS\ROMAIN RODRIGUEZ\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A58O1S82.DEFAULT\HOSTPERM.1

    ******************************************
    ## Registre

    * [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
    Search Bar REG_SZ http://search.msn.com/spbasic.htm

    * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    MapiKind REG_SZ C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe

    ******************************************
    ## Zones de sécurité

    * HKCU Domains (4)

    * P3P History (5)

    ******************************************
    ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


    *************** Fin du rapport ****************
    13 March 2008 19:04:50

    Important: this procedure was created specifically for this user. If you are not this user, do not follow it, or you risk seriously damaging your PC!

    1) Download OTMoveIt (by Old_Timer) to your Desktop.

    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2...

    2) Download and install CCleaner:
    http://www.01net.com/telecharger/windows/Utilitaire/net...(...)
    -> Before clicking the "Install" button, untick all the "additional options".

    RESTART IN SAFE MODE! (if the procedure does not work in safe mode, do it in normal mode ;)  )
    Help here: http://www.infos-du-net.com/forum/272325-11-tuto-demarr...
    /!\ Never restart in safe mode via msconfig /!\

    3) Run HijackThis again, click "do a system scan only", tick these lines, then click "Fix Checked" and close HijackThis:

    Quote:
    O4 - HKLM\..\Run: [NlMediaCenter] C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
    O4 - HKCU\..\Run: [MapiKind] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe


    4) # Double-click OTMoveIt.exe to launch it.
    # Make sure the "Unregister Dll's and Ocx's" box is ticked!!!
    # Copy the text in the box below, without the word "Quote", and paste it into the left-hand pane of OTMoveIt named Paste List of Files/Folders to be moved.

    Quote:
    C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
    C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\
    C:\Program Files\Fichiers communs\BOONTY Shared\


    # Click MoveIt! to start the removal.
    # If OTMoveIt offers to restart your PC, accept.
    # When a result appears in the Results pane, click Exit.

    # In your next reply, send the OTMoveIt report located in C:\_OTMoveIt\MovedFiles


    5) Run CCleaner
    >>>Click the "Cleaner" tab, then "Run Cleaner".
    >>>Then click the Registry tab, click "Scan for Issues", then "Fix selected issues". There is no need to back up the keys. Repeat the operation as many times as needed until it finds no more errors.

    6) Post the requested report and run a new HijackThis scan for me.

    ;) 
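
The check behind step 3 of the post above, as an added example that is not part of the original thread: it parses HijackThis `O4` autostart lines and flags those whose program sits in a user profile, which is where both entries selected in step 3 point. The location rules and the `~1` short-name patterns are assumptions of this example, not HijackThis logic.

```python
import re

# Lines copied from the HijackThis logs quoted in this thread (not a full log).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NlMediaCenter] C:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe
O4 - HKCU\..\Run: [MapiKind] C:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1\antesaveball.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "O4 - HKxx\..\Run: [value name] command line"
O4_RUN = re.compile(r"^O4 - (HK\S+?)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")
# "O4 - Startup: shortcut.lnk = target" (per-user or "Global Startup")
O4_STARTUP = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")

# Assumption: Windows XP profile layout, long names or the usual 8.3 short names.
PROFILE = re.compile(
    r"^[a-z]:\\(?:documents and settings|docume~\d)\\[^\\]+\\(.+)$", re.I)
APPDATA = re.compile(
    r"^(?:(?:local settings|locals~\d)\\)?(?:application data|applic~\d)\\", re.I)


def executable_of(command):
    """Return the program path from a Run value or a shortcut target."""
    command = command.strip()
    if command.startswith('"'):            # quoted path ends at the next quote
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces, so cut at the first executable extension.
    m = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", command, re.I)
    return m.group(1) if m else command


def parse_autoruns(log_text):
    """Extract every O4 autostart entry as a dict; other sections are ignored."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RUN.match(line)
        if m:
            hive, key, name, cmd = m.groups()
            entries.append({"source": hive + "\\" + key, "name": name,
                            "path": executable_of(cmd)})
            continue
        m = O4_STARTUP.match(line)
        if m:
            folder, lnk, target = m.groups()
            entries.append({"source": folder, "name": lnk,
                            "path": executable_of(target)})
    return entries


def location_reasons(path):
    """Explain why a path deserves review; an empty list means nothing to report."""
    m = PROFILE.match(path)
    if not m:
        return []
    rest = m.group(1)                      # part of the path below the user's folder
    reasons = ["user-writable profile path"]
    if "\\" not in rest:
        reasons.append("executable directly in profile root")
    elif APPDATA.match(rest):
        reasons.append("executable under Application Data")
    return reasons


def triage(log_text):
    """Return the autostart entries that start a program from a user profile."""
    flagged = []
    for entry in parse_autoruns(log_text):
        reasons = location_reasons(entry["path"])
        if reasons:
            flagged.append(dict(entry, reasons=reasons))
    return flagged


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["source"]:<16} [{f["name"]}] {f["path"]}')
        print("    review: " + "; ".join(f["reasons"]))
```

`PicoPhone.lnk` is flagged only for its location and was not among the lines selected in step 3, so the output is a review list for an analyst, not a verdict.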
    13 March 2008 19:21:44

    but what is on my PC?
    13 March 2008 19:25:31

    Malware = malicious programs...

    Click the link in my signature to find out more ;) 
    16 March 2008 13:44:13

    File/Folder c:\Documents and Settings\Romain RODRIGUEZ\owucxm.exe not found.
    c:\DOCUME~1\ROMAIN~1\APPLIC~1\FOURPI~1 moved successfully.
    c:\Program Files\Fichiers communs\BOONTY Shared\Service moved successfully.
    c:\Program Files\Fichiers communs\BOONTY Shared moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03162008_133037
    16 March 2008 13:45:05

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:37:58, on 16/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Safe mode

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - (no file)
    O2 - BHO: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
    O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
    O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
    O17 - HKLM\Software\..\Telephony: DomainName = romain
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 13246 bytes
    16 March 2008 14:01:36

    :hello: 

    Uninstall avast, restart and delete ~~>C:\Program Files\Alwil Software

    Download CCleaner (>>tutorial to read!<<), download "the latest version", then install it, unticking - Add the CCleaner Yahoo! Toolbar
    Then run the cleaning, then have it scan for errors, and make backups if you wish.

    Download and install Antivir. (tutorial)
    Why switch? Avast vs Antivir
    Check that it is up to date! Run a full scan in safe mode, save the report and post it to me.
    16 March 2008 14:15:09

    you already had me install CCleaner!
    16 March 2008 14:16:55

    Yes, well, then you don't reinstall it :p 
    16 March 2008 14:18:54

    no, it's just that maybe it wasn't the same version
    in any case, thanks for what you're doing!
    16 March 2008 14:24:04

    Okay, you were right to ask ^^

    You know, over time all this becomes "crystal clear to me", and I forget that when I started out it wasn't obvious.

    ;) 
    16 March 2008 21:25:42

    AntiVir PersonalEdition Classic
    Report file date: dimanche 16 mars 2008 14:50

    Scanning for 1147670 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Romain RODRIGUEZ
    Computer name: R

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:44:52
    ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 13:44:52
    ANTIVIR3.VDF : 7.0.3.31 158208 Bytes 14/03/2008 13:44:52
    AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 16/03/2008 13:44:52
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 16/03/2008 13:44:52
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 16 mars 2008 14:50

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    11 processes with 11 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '45' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Romain RODRIGUEZ\Bureau\en cas de virus\Navilog1.exe
    [DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.59
    [INFO] The file was moved to '485326fd.qua'!
    C:\Program Files\BitTorrent Fastest Tool\BitDownload-3.0-setup.exe
    [DETECTION] Contains detection pattern of the dropper DR/Lop.BO.7
    [INFO] The file was moved to '48513660.qua'!
    C:\Program Files\eMule\Incoming\Find_crack nero startsmart_using_emule_multimedia_toolbar.exe
    [DETECTION] Is the Trojan horse TR/Drop.HotWebBar.A
    [INFO] The file was moved to '484b3a83.qua'!
    C:\Program Files\eMule\Temp\057.part
    [DETECTION] Is the Trojan horse TR/Drop.HotWebBar.C
    [INFO] The file was moved to '48143a52.qua'!
    C:\Program Files\LiveKillCleanMessenger\backup\b122.exe.old
    [DETECTION] Is the Trojan horse TR/Dldr.Agent.hvj.1
    [INFO] The file was moved to '480f4870.qua'!
    C:\SDFix\backups\backups.zip
    [0] Archive type: ZIP
    --> backups/17PHolmes1423.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    --> backups/E3E6EAE8E8EFED.exe
    [DETECTION] Is the Trojan horse TR/Agent.wxa.1
    --> backups/Yazzle1560OinAdmin.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Purity.BV.7
    --> backups/Yazzle1560OinUninstaller.exe
    [DETECTION] Contains detection pattern of the dropper DR/PurityScan.GP.1
    --> backups/YazzleBundle-1560.exe
    [DETECTION] Contains detection pattern of the dropper DR/Scapur.K.16
    [INFO] The file was moved to '48406a0b.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\_OTMoveIt\MovedFiles\03162008_133037\DOCUME~1\ROMAIN~1\APPLIC~1\Four ping warn\Comp bias face bike.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '484a7116.qua'!


    End of the scan: dimanche 16 mars 2008 20:10
    Used time: 5:20:06 min

    The scan has been done completely.

    9645 Scanning directories
    751596 Files were scanned
    11 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    7 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    751585 Files not concerned
    6663 Archives were scanned
    2 Warnings
    0 Notes

    16 March 2008 21:26:31

    lol but now you seem really good with computers
    16 March 2008 21:32:23

    Re,

    In computer security I'm getting better and better ;)

    Run a new HijackThis report.

    ;)
    17 March 2008 18:06:58

    my computer still glitches, it's slow and the hard disk keeps filling up
    17 March 2008 18:36:51

    :hello:

    I asked you to post me a new HijackThis report ;)
    17 March 2008 18:49:03

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:18:07, on 17/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Orb Networks\Orb\bin\Orb.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\MsiExec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - (no file)
    O2 - BHO: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
    O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
    O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
    O17 - HKLM\Software\..\Telephony: DomainName = romain
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 15098 bytes
    17 March 2008 18:53:45

    Re,

    You have several toolbars; do you need them?
    Multiple toolbars can slow down the computer or cause browser crashes.
    I advise you to clean up by uninstalling the toolbars you don't use, from Add/Remove Programs in the Control Panel.
    For more information, see the article "Les Toolbars, c'est pas obligatoire!"

    Once that's done, come back and post a new HijackThis report.

    Otherwise, what are your problems in detail?

    ;)
    17 March 2008 20:18:57

    Re, actually my PC is slow and my hard disk fills up; sometimes I'm at 10 GB and sometimes it drops to 120 MB, but the system can't cope, that's it
    17 March 2008 20:20:37

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:20:20, on 17/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Orb Networks\Orb\bin\Orb.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\MsiExec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: (no name) - {3B5809B9-0A4D-4CDE-B45A-352C8733E4F0} - (no file)
    O2 - BHO: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur VINRO] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P41 "Auto EPSON Stylus CX6600 Series sur VINRO" /O18 "\\VINRO\Imprimante" /M "Stylus CX6600"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [E06FDXRC_3343468] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
    O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
    O4 - Startup: PicoPhone.lnk = C:\Documents and Settings\Romain RODRIGUEZ\Mes documents\PicoPhone164.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~2\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.de/ips-opdata/objects/jor...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MusicManagerPlugin.MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = romain
    O17 - HKLM\Software\..\Telephony: DomainName = romain
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = romain
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 14566 bytes