Votre question

Encore et tj des pubs CID !!!

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Février 2008 19:11:48

Slt à tous, j'ai à nouveau des pubs CID qui sont revenus sur mon ordi, vous pouvez m'aider svp, sa devient vraiment énervant...
Voici un rapport Lop S&D:

-----------------------------[ Lop S&D 2.0.5 ]---------------------------

[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

[ USER: Simon ] [ "C:\Program Files\Lop SD" ]

[ 07/02/2008 | 19:03:34.20 ] [ CARRE1 ]


-------------[ Listing des dossiers dans Application Data ]------------

[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\..
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\.
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\Admin\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Admin\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Admin\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Admin\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Admin\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Admin\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Admin\APPLIC~1\desktop.ini

[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[27/01/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[25/01/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/01/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[16/01/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[27/10/2007|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/10/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/08/2007|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[27/05/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/02/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[22/01/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[21/09/2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/08/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[04/06/2006|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[18/03/2006|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/02/2006|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[31/12/2005|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[18/02/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/08/2004|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini


[16/10/2007|11:48] C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
[06/12/2006|13:25] C:\DOCUME~1\Camille\APPLIC~1\Google
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\..
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\.
[10/08/2006|21:33] C:\DOCUME~1\Camille\APPLIC~1\Sun
[10/02/2006|15:46] C:\DOCUME~1\Camille\APPLIC~1\Microsoft
[15/01/2006|17:45] C:\DOCUME~1\Camille\APPLIC~1\EPSON
[29/06/2005|20:30] C:\DOCUME~1\Camille\APPLIC~1\wklnhst.dat
[28/02/2004|17:59] C:\DOCUME~1\Camille\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Camille\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Camille\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Camille\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Camille\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Camille\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Camille\APPLIC~1\desktop.ini

[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\.
[29/09/2007|12:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
[16/08/2007|10:49] C:\DOCUME~1\FRANCO~1\APPLIC~1\Sun
[16/08/2007|09:42] C:\DOCUME~1\FRANCO~1\APPLIC~1\DassaultSystemes
[09/03/2007|15:36] C:\DOCUME~1\FRANCO~1\APPLIC~1\Musicmatch
[19/02/2007|21:41] C:\DOCUME~1\FRANCO~1\APPLIC~1\Microsoft
[23/01/2007|13:00] C:\DOCUME~1\FRANCO~1\APPLIC~1\wklnhst.dat
[17/12/2006|17:37] C:\DOCUME~1\FRANCO~1\APPLIC~1\Google
[08/03/2006|19:09] C:\DOCUME~1\FRANCO~1\APPLIC~1\Adobe
[08/03/2006|18:20] C:\DOCUME~1\FRANCO~1\APPLIC~1\Xfire
[08/03/2006|17:17] C:\DOCUME~1\FRANCO~1\APPLIC~1\AdobeUM
[28/02/2004|17:59] C:\DOCUME~1\FRANCO~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\FRANCO~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\FRANCO~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\FRANCO~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\desktop.ini

[07/02/2008|17:18] C:\DOCUME~1\Internet\APPLIC~1\Adobe
[31/01/2008|18:22] C:\DOCUME~1\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\.
[21/11/2007|19:13] C:\DOCUME~1\Internet\APPLIC~1\Creative
[18/10/2007|16:53] C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
[17/10/2007|18:39] C:\DOCUME~1\Internet\APPLIC~1\wklnhst.dat
[09/08/2007|11:19] C:\DOCUME~1\Internet\APPLIC~1\DivX
[17/07/2007|13:01] C:\DOCUME~1\Internet\APPLIC~1\Apple Computer
[10/04/2007|08:25] C:\DOCUME~1\Internet\APPLIC~1\MSN6
[29/06/2006|09:05] C:\DOCUME~1\Internet\APPLIC~1\DassaultSystemes
[19/05/2006|17:17] C:\DOCUME~1\Internet\APPLIC~1\Azureus
[10/04/2006|13:40] C:\DOCUME~1\Internet\APPLIC~1\Sun
[28/03/2006|11:09] C:\DOCUME~1\Internet\APPLIC~1\vlc
[09/03/2006|18:47] C:\DOCUME~1\Internet\APPLIC~1\AdobeUM
[01/03/2006|11:39] C:\DOCUME~1\Internet\APPLIC~1\Google
[28/02/2006|15:59] C:\DOCUME~1\Internet\APPLIC~1\Xfire
[03/02/2006|12:54] C:\DOCUME~1\Internet\APPLIC~1\Microsoft
[14/01/2005|19:02] C:\DOCUME~1\Internet\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Internet\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Internet\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\Internet\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Internet\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Internet\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Internet\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Internet\APPLIC~1\desktop.ini

[18/11/2006|20:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[04/04/2006|10:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/08/2004|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[09/08/2004|20:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\..
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\RibbonSoft
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\.
[27/01/2008|19:55] C:\DOCUME~1\Simon\APPLIC~1\SolidWorks
[27/01/2008|19:34] C:\DOCUME~1\Simon\APPLIC~1\Autodesk
[26/01/2008|19:09] C:\DOCUME~1\Simon\APPLIC~1\Adobe
[13/01/2008|13:24] C:\DOCUME~1\Simon\APPLIC~1\Megaupload
[12/01/2008|21:29] C:\DOCUME~1\Simon\APPLIC~1\Real
[28/12/2007|16:18] C:\DOCUME~1\Simon\APPLIC~1\SecondLife
[28/12/2007|16:05] C:\DOCUME~1\Simon\APPLIC~1\Mozilla
[17/10/2007|23:05] C:\DOCUME~1\Simon\APPLIC~1\wklnhst.dat
[16/10/2007|20:27] C:\DOCUME~1\Simon\APPLIC~1\vmntoolbar
[22/08/2007|22:52] C:\DOCUME~1\Simon\APPLIC~1\Xfire
[14/07/2007|22:10] C:\DOCUME~1\Simon\APPLIC~1\Mp3tag
[15/06/2007|21:05] C:\DOCUME~1\Simon\APPLIC~1\Creative
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Settings.cfg
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Par d‚faut.cls
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Connexion FTP.ftp
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Dynamique
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Sites pr‚d‚finis
[31/05/2007|18:57] C:\DOCUME~1\Simon\APPLIC~1\Vso
[27/05/2007|16:35] C:\DOCUME~1\Simon\APPLIC~1\Apple Computer
[12/04/2007|20:16] C:\DOCUME~1\Simon\APPLIC~1\Leadertech
[11/04/2007|13:52] C:\DOCUME~1\Simon\APPLIC~1\Hamachi
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.log
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\ezpinst.exe
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.cat
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.sys
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.inf
[24/03/2007|15:25] C:\DOCUME~1\Simon\APPLIC~1\STOIK
[21/03/2007|16:39] C:\DOCUME~1\Simon\APPLIC~1\Screenshot Sender
[22/02/2007|16:31] C:\DOCUME~1\Simon\APPLIC~1\RapidGet
[05/01/2007|23:17] C:\DOCUME~1\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
[27/12/2006|18:12] C:\DOCUME~1\Simon\APPLIC~1\DivX
[13/12/2006|15:09] C:\DOCUME~1\Simon\APPLIC~1\InstallShield Installation Information
[29/11/2006|16:39] C:\DOCUME~1\Simon\APPLIC~1\Microsoft
[22/11/2006|16:46] C:\DOCUME~1\Simon\APPLIC~1\SolidWorksNewsReader
[22/11/2006|16:36] C:\DOCUME~1\Simon\APPLIC~1\DWGeditor
[14/09/2006|20:08] C:\DOCUME~1\Simon\APPLIC~1\dvdcss
[17/08/2006|15:22] C:\DOCUME~1\Simon\APPLIC~1\teamspeak2
[08/08/2006|15:02] C:\DOCUME~1\Simon\APPLIC~1\AdobeUM
[27/07/2006|10:51] C:\DOCUME~1\Simon\APPLIC~1\FlashFXP
[22/06/2006|10:37] C:\DOCUME~1\Simon\APPLIC~1\Azureus
[16/06/2006|21:11] C:\DOCUME~1\Simon\APPLIC~1\InterTrust
[08/06/2006|09:56] C:\DOCUME~1\Simon\APPLIC~1\Thumbs.db
[06/04/2006|17:44] C:\DOCUME~1\Simon\APPLIC~1\Sun
[01/04/2006|18:23] C:\DOCUME~1\Simon\APPLIC~1\DassaultSystemes
[11/03/2006|14:59] C:\DOCUME~1\Simon\APPLIC~1\vlc
[31/12/2005|18:19] C:\DOCUME~1\Simon\APPLIC~1\Google
[27/07/2005|15:15] C:\DOCUME~1\Simon\APPLIC~1\FTP Expert Stockage.ftp
[01/07/2005|21:29] C:\DOCUME~1\Simon\APPLIC~1\Ulead Systems
[16/06/2005|18:31] C:\DOCUME~1\Simon\APPLIC~1\CDRusersDB.v12
[18/05/2005|18:06] C:\DOCUME~1\Simon\APPLIC~1\iScreensaver
[02/02/2005|15:24] C:\DOCUME~1\Simon\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Simon\APPLIC~1\Macromedia
[28/02/2004|16:26] C:\DOCUME~1\Simon\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Simon\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Simon\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Simon\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Simon\APPLIC~1\desktop.ini

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/02/2008 19:47][--ah-----] C:\WINDOWS\tasks\A809F21391526C17.job
[25/05/2006 19:15][--a------] C:\WINDOWS\tasks\sauve.job
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[26/05/2006 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[07/02/2008|19:03] C:\Program Files\Lop SD
[07/02/2008|18:56] C:\Program Files\..
[07/02/2008|18:56] C:\Program Files\.
[05/02/2008|20:28] C:\Program Files\QCad Demo
[01/02/2008|19:47] C:\Program Files\Plan Atom Sect
[26/01/2008|15:05] C:\Program Files\SilverCrest Vibration Headset
[26/01/2008|14:27] C:\Program Files\AV VCS 3.0
[26/01/2008|00:34] C:\Program Files\Steam
[19/01/2008|15:46] C:\Program Files\SUPER
[19/01/2008|12:42] C:\Program Files\CamStudio
[18/01/2008|22:28] C:\Program Files\Fake Webcam
[17/01/2008|21:40] C:\Program Files\Messenger Plus! Live
[17/01/2008|21:40] C:\Program Files\Windows Live
[17/01/2008|21:40] C:\Program Files\MSN Messenger
[17/01/2008|21:13] C:\Program Files\PDF PDF2Image v2.1
[16/01/2008|21:59] C:\Program Files\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs
[16/01/2008|21:37] C:\Program Files\InstallShield Installation Information
[12/01/2008|21:43] C:\Program Files\Sonic Foundry ACID Music
[12/01/2008|21:35] C:\Program Files\Jeux
[11/01/2008|21:23] C:\Program Files\Pando
[07/01/2008|21:36] C:\Program Files\Microsoft Works
[01/01/2008|16:55] C:\Program Files\AutoCAD 2008
[01/01/2008|16:50] C:\Program Files\Autodesk
[29/12/2007|16:38] C:\Program Files\NCH Software
[19/12/2007|20:07] C:\Program Files\Java
[12/12/2007|23:22] C:\Program Files\Internet Explorer
[28/11/2007|20:28] C:\Program Files\Picasa2
[18/10/2007|18:23] C:\Program Files\PestPatrol
[18/10/2007|18:11] C:\Program Files\RegCleaner
[18/10/2007|18:02] C:\Program Files\vmntoolbar
[18/10/2007|17:58] C:\Program Files\Google
[18/10/2007|17:56] C:\Program Files\LucasArts
[23/08/2007|10:45] C:\Program Files\Xfire
[16/08/2007|08:57] C:\Program Files\Metin2_France
[15/08/2007|21:36] C:\Program Files\PC Inspector File Recovery
[13/08/2007|12:00] C:\Program Files\Microsoft Games
[17/07/2007|22:27] C:\Program Files\Windows Media Player
[17/07/2007|22:13] C:\Program Files\Windows Media Connect 2
[16/07/2007|18:20] C:\Program Files\Alcohol Soft
[14/07/2007|21:59] C:\Program Files\Mp3tag
[15/06/2007|19:01] C:\Program Files\Creative
[15/06/2007|18:59] C:\Program Files\Creative ZEN Vision M Series
[15/06/2007|16:55] C:\Program Files\Creative Installation Information
[14/06/2007|09:54] C:\Program Files\Outlook Express
[27/05/2007|16:34] C:\Program Files\QuickTime
[16/05/2007|16:28] C:\Program Files\Activision
[08/05/2007|11:07] C:\Program Files\CA
[12/04/2007|19:58] C:\Program Files\Atari
[31/03/2007|18:38] C:\Program Files\SolidWorks
[29/03/2007|17:36] C:\Program Files\DVDFab Gold
[25/03/2007|17:47] C:\Program Files\DVD Shrink
[25/03/2007|13:49] C:\Program Files\Star Downloader
[17/03/2007|20:32] C:\Program Files\WinRAR
[25/02/2007|15:50] C:\Program Files\Ulead Systems
[22/02/2007|18:57] C:\Program Files\Winamp
[22/02/2007|18:57] C:\Program Files\Wanadoo
[22/02/2007|18:57] C:\Program Files\Sunbelt Software
[22/02/2007|18:57] C:\Program Files\Movie Maker
[22/02/2007|18:57] C:\Program Files\Morpheus Software
[22/02/2007|18:57] C:\Program Files\Microsoft Picture It! 9
[22/02/2007|18:57] C:\Program Files\Microsoft Encarta
[22/02/2007|18:57] C:\Program Files\pspvideo9
[22/02/2007|18:57] C:\Program Files\NCH Swift Sound
[22/02/2007|18:57] C:\Program Files\Messenger
[22/02/2007|18:57] C:\Program Files\DivX
[22/01/2007|21:43] C:\Program Files\IVT Corporation
[22/11/2006|16:42] C:\Program Files\Windows Desktop Search
[22/11/2006|16:36] C:\Program Files\DWGeditor
[22/11/2006|16:35] C:\Program Files\SolidWorks Installation Manager
[25/10/2006|13:36] C:\Program Files\AviSynth 2.5
[14/10/2006|08:28] C:\Program Files\ashampoo
[21/09/2006|18:39] C:\Program Files\NetMeeting
[21/09/2006|18:39] C:\Program Files\Windows NT
[20/09/2006|20:37] C:\Program Files\Intelore
[29/08/2006|16:21] C:\Program Files\DV 3500
[25/07/2006|22:43] C:\Program Files\Magicbit
[28/06/2006|20:26] C:\Program Files\INFORAD
[28/06/2006|20:26] C:\Program Files\INFORAD_DRIVERS
[16/06/2006|21:13] C:\Program Files\Hewlett-Packard
[06/06/2006|21:16] C:\Program Files\Gadwin Systems
[06/06/2006|11:49] C:\Program Files\Program Files
[04/06/2006|21:44] C:\Program Files\SprayR
[08/05/2006|14:10] C:\Program Files\neodivx2006
[12/04/2006|19:51] C:\Program Files\Teamspeak2_RC2
[01/04/2006|18:27] C:\Program Files\Microsoft Office
[01/04/2006|18:27] C:\Program Files\Dassault Systemes
[11/03/2006|14:57] C:\Program Files\VideoLAN
[02/03/2006|15:55] C:\Program Files\EA GAMES
[26/02/2006|16:07] C:\Program Files\DiMAGE Viewer
[10/02/2006|16:10] C:\Program Files\Midas Interactive
[08/02/2006|23:03] C:\Program Files\AquaScape 3D
[25/01/2006|17:19] C:\Program Files\D-Tools
[15/01/2006|18:07] C:\Program Files\EPSON
[01/07/2005|21:23] C:\Program Files\CyberLink
[18/02/2005|21:24] C:\Program Files\Home Cinema
[09/12/2004|18:09] C:\Program Files\Microsoft FrontPage Express
[01/12/2004|19:08] C:\Program Files\MSN Apps
[28/08/2004|19:29] C:\Program Files\WindowsUpdate
[24/08/2004|22:07] C:\Program Files\Spybot - Search & Destroy
[20/08/2004|12:35] C:\Program Files\Microsoft Office97
[03/06/2004|19:23] C:\Program Files\Alwil Software
[04/05/2004|20:58] C:\Program Files\Storm
[18/04/2004|13:38] C:\Program Files\JavaSoft
[07/04/2004|08:23] C:\Program Files\PowerArchiver
[27/03/2004|13:50] C:\Program Files\InterActual
[28/02/2004|17:49] C:\Program Files\Viewpoint
[28/02/2004|17:49] C:\Program Files\Nullsoft
[28/02/2004|17:49] C:\Program Files\Real
[28/02/2004|16:18] C:\Program Files\MUSICMATCH
[28/02/2004|16:16] C:\Program Files\Common Files
[28/02/2004|15:40] C:\Program Files\Medion Tools
[28/02/2004|15:25] C:\Program Files\OfficeUpdate11
[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp
[28/02/2004|14:51] C:\Program Files\Microsoft Money
[28/02/2004|14:47] C:\Program Files\Microsoft Visual Studio
[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004
[28/02/2004|14:35] C:\Program Files\Ahead
[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard
[28/02/2004|14:11] C:\Program Files\Uninstall Information
[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver
[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio
[27/02/2004|19:03] C:\Program Files\ATI Technologies
[27/02/2004|18:45] C:\Program Files\Intel
[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer
[27/02/2004|18:30] C:\Program Files\xerox
[27/02/2004|18:30] C:\Program Files\microsoft frontpage
[27/02/2004|18:28] C:\Program Files\MSN
[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[16/01/2008|21:55] C:\Program Files\Fichiers communs\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs\..
[16/01/2008|21:39] C:\Program Files\Fichiers communs\Macrovision Shared
[16/01/2008|21:39] C:\Program Files\Fichiers communs\.
[12/01/2008|21:29] C:\Program Files\Fichiers communs\Real
[01/01/2008|16:55] C:\Program Files\Fichiers communs\Autodesk Shared
[01/01/2008|16:49] C:\Program Files\Fichiers communs\Designer
[18/10/2007|17:48] C:\Program Files\Fichiers communs\eDrawings2007
[02/08/2007|20:11] C:\Program Files\Fichiers communs\EPSON
[14/06/2007|09:54] C:\Program Files\Fichiers communs\System
[22/11/2006|16:37] C:\Program Files\Fichiers communs\SolidWorks Shared
[22/11/2006|16:25] C:\Program Files\Fichiers communs\Solidworks Data
[28/06/2006|14:08] C:\Program Files\Fichiers communs\Microsoft Shared
[04/06/2006|12:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[06/04/2006|17:41] C:\Program Files\Fichiers communs\Java
[14/01/2005|18:56] C:\Program Files\Fichiers communs\Python
[06/09/2004|18:10] C:\Program Files\Fichiers communs\DirectX
[28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL
[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared
[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield
[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead
[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services
[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap
[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC
[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\WINDOWS\Tasks\A809F21391526C17.job

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-07 19:14:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:172][Doss:19] C:\DOCUME~1\Simon\LOCALS~1\Temp
/!\ [Fich:7170][Doss:20] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:14:44.64 ]----------------------

Autres pages sur : pubs cid

7 Février 2008 22:10:38

Voila:
Logfile of HijackThis v1.99.1
Scan saved at 22:13:55, on 07/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\wisptis.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

Contenus similaires
a b 8 Sécurité
8 Février 2008 13:18:22

Re,

Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
8 Février 2008 19:34:54

Pas d'infection présente apparement, voici le rapport:

MSNFix 1.656

C:\Documents and Settings\Simon\Bureau\MSNFix
Fix exécuté le 08/02/2008 - 19:33:47.82 By Simon
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

Aucun dossier trouvé


************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\system32\fxssvc.exe] FBE05797F3A311596D0DDBB6AB60FE19

==> SVP merci d'envoyer le fichier C:\DOCUME~1\Simon\Bureau\Upload_Me.zip sur http://upload.changelog.fr




Information ...... Information ...... Information ......

/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\

Ce pseudo antivirus copie les bases de MSNFix pour se tenir a jour


/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

a b 8 Sécurité
8 Février 2008 20:18:33

Re,

[#ff0000]CECI EST UNE ETAPE IMPORTANTE A REALISER ![/#f]
Upload l'archive Upload_Me.zip contenant les fichiers suspects afin de développer l'outil MSNFix.
AIDE : Upload des fichiers supects pour MSNFix
9 Février 2008 11:09:39

C'est bon le fichier a été uploadé
Merci pour ton aide
a b 8 Sécurité
9 Février 2008 12:21:51

Reposte un rapport Hijackthis.
9 Février 2008 21:15:40

Logfile of HijackThis v1.99.1
Scan saved at 21:18:49, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

a b 8 Sécurité
10 Février 2008 11:43:56

Re,

Télécharge BTFix ([#ff0000]Bibi26[/#f]).
Dézippe l'archive sur ton Bureau.
  • Ouvre le dossier BTFix.
  • Double clique sur BTFix.exe.
  • Clique sur Rechercher.
  • Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
    10 Février 2008 19:32:24

    Aucune infection trouvée, voila le rapport:
    BTFix 1.075 (par bibi26) - 10/02/2008 19:34:44 - Analyse
    Lancé depuis C:\Documents and Settings\Simon\Bureau\BTFix\BTFix.exe

    ---> Fichiers/Dossiers trouvés


    ---> Analyse terminée
    a b 8 Sécurité
    10 Février 2008 20:21:06

    On va essayer autre chose.

    Télécharge ewido anti-spyware micro scanner sur ton bureau.
  • Double-clique sur le fichier ewido_micro.exe pour l'exécuter.
  • Le programme va demander dès son lancement un accès internet pour se mettre à jour, accepte.
  • Puis, un nouvel écran apparaît, assure toi que toutes les cases soient cochées.
  • Clique sur Start Scan et laisse l'outil travailler.
  • Quand l'outil à fini, clique sur save report et sauvegarde le rapport sur ton bureau.
  • Poste le dans ta prochaine réponse.

    Nb : ne clique pas tout de suite sur Remove infections; nous devons nous assurer que toutes les détections soient infectieuses car certains utilitaires légitimes pourraient apparaître dans le rapport.
    12 Février 2008 21:48:07

    Re, dsl pour le retard, voila le rapport:

    __________________________________________________
    ewido anti-spyware online scanner
    http://www.ewido.net
    __________________________________________________


    Name: TrackingCookie.247realmedia
    Path: C:\Documents and Settings\Simon\Cookies\simon@247realmedia[2].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Simon\Cookies\simon@ad.yieldmanager[2].txt
    Risk: Medium

    Name: TrackingCookie.Clickhype
    Path: C:\Documents and Settings\Simon\Cookies\simon@ad1.clickhype[1].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Simon\Cookies\simon@adbrite[2].txt
    Risk: Medium

    Name: TrackingCookie.Euroclick
    Path: C:\Documents and Settings\Simon\Cookies\simon@adopt.euroclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Simon\Cookies\simon@adrevolver[1].txt
    Risk: Medium

    Name: TrackingCookie.Planetactive
    Path: C:\Documents and Settings\Simon\Cookies\simon@ads.planetactive[1].txt
    Risk: Medium

    Name: TrackingCookie.Pointroll
    Path: C:\Documents and Settings\Simon\Cookies\simon@ads.pointroll[1].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Simon\Cookies\simon@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Simon\Cookies\simon@bluestreak[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Simon\Cookies\simon@bs.serving-sys[1].txt
    Risk: Medium

    Name: TrackingCookie.Casalemedia
    Path: C:\Documents and Settings\Simon\Cookies\simon@casalemedia[2].txt
    Risk: Medium

    Name: TrackingCookie.Casinotropez
    Path: C:\Documents and Settings\Simon\Cookies\simon@casinotropez[1].txt
    Risk: Medium

    Name: TrackingCookie.Clickbank
    Path: C:\Documents and Settings\Simon\Cookies\simon@clickbank[1].txt
    Risk: Medium

    Name: TrackingCookie.Dealtime
    Path: C:\Documents and Settings\Simon\Cookies\simon@dealtime[1].txt
    Risk: Medium

    Name: TrackingCookie.Ru4
    Path: C:\Documents and Settings\Simon\Cookies\simon@edge.ru4[1].txt
    Risk: Medium

    Name: TrackingCookie.Estat
    Path: C:\Documents and Settings\Simon\Cookies\simon@estat[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Simon\Cookies\simon@fastclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Comclick
    Path: C:\Documents and Settings\Simon\Cookies\simon@fl01.ct2.comclick[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@fnac.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@hertz.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@himedia.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Gemius
    Path: C:\Documents and Settings\Simon\Cookies\simon@hit.gemius[2].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Simon\Cookies\simon@iv2.bluestreak[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@karavel.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Simon\Cookies\simon@media.adrevolver[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Simon\Cookies\simon@overture[2].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Simon\Cookies\simon@perf.overture[1].txt
    Risk: Medium

    Name: TrackingCookie.Questionmarket
    Path: C:\Documents and Settings\Simon\Cookies\simon@questionmarket[2].txt
    Risk: Medium

    Name: TrackingCookie.Revsci
    Path: C:\Documents and Settings\Simon\Cookies\simon@revsci[2].txt
    Risk: Medium

    Name: TrackingCookie.Msn
    Path: C:\Documents and Settings\Simon\Cookies\simon@search.msn[2].txt
    Risk: Medium

    Name: TrackingCookie.Information
    Path: C:\Documents and Settings\Simon\Cookies\simon@searchportal.information[1].txt
    Risk: Medium

    Name: TrackingCookie.Liveperson
    Path: C:\Documents and Settings\Simon\Cookies\simon@server.iad.liveperson[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Simon\Cookies\simon@serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Simon\Cookies\simon@smartadserver[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Simon\Cookies\simon@snapfish.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Dealtime
    Path: C:\Documents and Settings\Simon\Cookies\simon@stat.dealtime[2].txt
    Risk: Medium

    Name: TrackingCookie.Statcounter
    Path: C:\Documents and Settings\Simon\Cookies\simon@statcounter[1].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Simon\Cookies\simon@tradedoubler[2].txt
    Risk: Medium

    Name: TrackingCookie.Tribalfusion
    Path: C:\Documents and Settings\Simon\Cookies\simon@tribalfusion[1].txt
    Risk: Medium

    Name: TrackingCookie.Valueclick
    Path: C:\Documents and Settings\Simon\Cookies\simon@valueclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Simon\Cookies\simon@weborama[1].txt
    Risk: Medium

    Name: TrackingCookie.Adtrak
    Path: C:\Documents and Settings\Simon\Cookies\simon@www.adtrak[2].txt
    Risk: Medium

    Name: TrackingCookie.Popuptraffic
    Path: C:\Documents and Settings\Simon\Cookies\simon@www.popuptraffic[2].txt
    Risk: Medium

    Name: TrackingCookie.Yadro
    Path: C:\Documents and Settings\Simon\Cookies\simon@yadro[1].txt
    Risk: Medium

    Name: TrackingCookie.Zedo
    Path: C:\Documents and Settings\Simon\Cookies\simon@zedo[2].txt
    Risk: Medium

    Name: Adware.Generic
    Path: HKLM\SOFTWARE\Classes\CLSID\{722D2939-A14A-41A9-9EAC-AB8F4E295819}
    Risk: Medium

    Name: Adware.Generic
    Path: HKLM\SOFTWARE\Classes\CLSID\{88D758A3-D33B-45FD-91E3-67749B4057FA}
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Camille\Cookies\camille@112.2o7[2].txt
    Risk: Medium

    Name: TrackingCookie.247realmedia
    Path: C:\Documents and Settings\Camille\Cookies\camille@247realmedia[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Camille\Cookies\camille@2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Camille\Cookies\camille@ad.yieldmanager[1].txt
    Risk: Medium

    Name: TrackingCookie.Euroclick
    Path: C:\Documents and Settings\Camille\Cookies\camille@adopt.euroclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Camille\Cookies\camille@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\Camille\Cookies\camille@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\Camille\Cookies\camille@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\Camille\Cookies\camille@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Estat
    Path: C:\Documents and Settings\Camille\Cookies\camille@estat[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Camille\Cookies\camille@fastclick[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Camille\Cookies\camille@karavel.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\Camille\Cookies\camille@mediaplex[2].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Camille\Cookies\camille@overture[1].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Camille\Cookies\camille@smartadserver[1].txt
    Risk: Medium

    Name: TrackingCookie.Webtrendslive
    Path: C:\Documents and Settings\Camille\Cookies\camille@statse.webtrendslive[1].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Camille\Cookies\camille@tradedoubler[1].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Camille\Cookies\camille@weborama[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@112.2o7[2].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@ad.yieldmanager[1].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@bluestreak[1].txt
    Risk: Medium

    Name: TrackingCookie.Casalemedia
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@casalemedia[1].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@fastclick[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@himedia.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@iv2.bluestreak[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@karavel.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@mediaplex[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@opodo.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@smartadserver[2].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@tradedoubler[1].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@weborama[2].txt
    Risk: Medium

    Name: TrackingCookie.Lop
    Path: C:\Documents and Settings\Francoise\Cookies\francoise@www.lop[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Internet\Cookies\internet@ad.yieldmanager[2].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Internet\Cookies\internet@adbrite[2].txt
    Risk: Medium

    Name: TrackingCookie.Euroclick
    Path: C:\Documents and Settings\Internet\Cookies\internet@adopt.euroclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Internet\Cookies\internet@adrevolver[2].txt
    Risk: Medium

    Name: TrackingCookie.Pointroll
    Path: C:\Documents and Settings\Internet\Cookies\internet@ads.pointroll[2].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Internet\Cookies\internet@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\Internet\Cookies\internet@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Adviva
    Path: C:\Documents and Settings\Internet\Cookies\internet@adviva[2].txt
    Risk: Medium

    Name: TrackingCookie.Falkag
    Path: C:\Documents and Settings\Internet\Cookies\internet@as-eu.falkag[2].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\Internet\Cookies\internet@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.Msn
    Path: C:\Documents and Settings\Internet\Cookies\internet@auto.search.msn[1].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Internet\Cookies\internet@bluestreak[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Internet\Cookies\internet@bs.serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Casinotropez
    Path: C:\Documents and Settings\Internet\Cookies\internet@casinotropez[1].txt
    Risk: Medium

    Name: TrackingCookie.Connextra
    Path: C:\Documents and Settings\Internet\Cookies\internet@connextra[2].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\Internet\Cookies\internet@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-adidas.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-esa.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-neuftelecom.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-systran.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-telecomitalia.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-wizardsofthecoast.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Estat
    Path: C:\Documents and Settings\Internet\Cookies\internet@estat[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@eurostar.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Internet\Cookies\internet@fastclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Comclick
    Path: C:\Documents and Settings\Internet\Cookies\internet@fl01.ct2.comclick[2].txt
    Risk: Medium

    Name: TrackingCookie.Gemius
    Path: C:\Documents and Settings\Internet\Cookies\internet@hit.gemius[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Ivwbox
    Path: C:\Documents and Settings\Internet\Cookies\internet@ivwbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Webtrends
    Path: C:\Documents and Settings\Internet\Cookies\internet@m.webtrends[1].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Internet\Cookies\internet@media.adrevolver[1].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\Internet\Cookies\internet@mediaplex[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@msninvite.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@opodo.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@ostg.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Internet\Cookies\internet@overture[1].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Internet\Cookies\internet@perf.overture[1].txt
    Risk: Medium

    Name: TrackingCookie.Casinotropez
    Path: C:\Documents and Settings\Internet\Cookies\internet@promo.casinotropez[1].txt
    Risk: Medium

    Name: TrackingCookie.Real
    Path: C:\Documents and Settings\Internet\Cookies\internet@realguide-fr.real[1].txt
    Risk: Medium

    Name: TrackingCookie.Realmedia
    Path: C:\Documents and Settings\Internet\Cookies\internet@realmedia[1].txt
    Risk: Medium

    Name: TrackingCookie.Real
    Path: C:\Documents and Settings\Internet\Cookies\internet@real[2].txt
    Risk: Medium

    Name: TrackingCookie.Revenue
    Path: C:\Documents and Settings\Internet\Cookies\internet@revenue[2].txt
    Risk: Medium

    Name: TrackingCookie.Msn
    Path: C:\Documents and Settings\Internet\Cookies\internet@search.msn[2].txt
    Risk: Medium

    Name: TrackingCookie.Information
    Path: C:\Documents and Settings\Internet\Cookies\internet@searchportal.information[1].txt
    Risk: Medium

    Name: TrackingCookie.Liveperson
    Path: C:\Documents and Settings\Internet\Cookies\internet@server.iad.liveperson[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Internet\Cookies\internet@serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Internet\Cookies\internet@smartadserver[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Internet\Cookies\internet@snapfish.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Statcounter
    Path: C:\Documents and Settings\Internet\Cookies\internet@statcounter[1].txt
    Risk: Medium

    Name: TrackingCookie.Webtrendslive
    Path: C:\Documents and Settings\Internet\Cookies\internet@statse.webtrendslive[2].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Internet\Cookies\internet@tradedoubler[2].txt
    Risk: Medium

    Name: TrackingCookie.Trafficmp
    Path: C:\Documents and Settings\Internet\Cookies\internet@trafficmp[1].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Internet\Cookies\internet@weborama[2].txt
    Risk: Medium

    Name: TrackingCookie.Burstnet
    Path: C:\Documents and Settings\Internet\Cookies\internet@www.burstnet[1].txt
    Risk: Medium

    Name: TrackingCookie.Lop
    Path: C:\Documents and Settings\Internet\Cookies\internet@www.lop[1].txt
    Risk: Medium

    Name: TrackingCookie.Yadro
    Path: C:\Documents and Settings\Internet\Cookies\internet@yadro[1].txt
    Risk: Medium

    Name: TrackingCookie.Zedo
    Path: C:\Documents and Settings\Internet\Cookies\internet@zedo[2].txt
    Risk: Medium

    Name: Downloader.Agent.hql
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/17PHolmes1148.exe
    Risk: High

    Name: Downloader.Agent.erf
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/b122.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/mrofinu1148.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/mrofinu1148.exe.tmp
    Risk: High

    Name: Trojan.Steal
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MsnsnifferFULL.rar/keygen.exe/Se.exe
    Risk: High

    Name: Trojan.Steal
    Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MsnsnifferFULL.rar/keygen.exe/Se.exe
    Risk: High

    Name: Adware.MediaTickets
    Path: C:\eied_s7.cab/eied.inf
    Risk: Medium

    Name: Dialer.ALifeDialer
    Path: C:\Program Files\PestPatrol\Quarantine\20040824203547687.zip/WINDOWS/coder/_800-anime-0-0-.exe
    Risk: High

    Name: Trojan.Inject.qu
    Path: C:\QooBox\Quarantine\C\Documents and Settings\Simon\Application Data\Plan Atom Sect\umjdydpl.exe.vir
    Risk: High

    Name: Trojan.Agent.dwb
    Path: C:\QooBox\Quarantine\C\Program Files\Temporary\kernInst.exe.vir
    Risk: High

    Name: Backdoor.Ekodo
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP504\A0597356.exe
    Risk: High

    Name: Backdoor.Ekodo
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP504\A0597357.exe
    Risk: High

    Name: Downloader.Agent.hhc
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP530\A0681179.exe
    Risk: High

    Name: Downloader.Agent.hha
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP530\A0681180.exe
    Risk: High

    Name: Trojan.Inject.qu
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP532\A0681280.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP533\A0682329.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP533\A0682334.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682472.exe
    Risk: High

    Name: Downloader.Agent.erf
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682473.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682484.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682485.exe
    Risk: High

    Name: Downloader.Agent.erf
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682487.exe
    Risk: High

    Name: Downloader.Agent.hql
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682499.exe
    Risk: High

    Name: Trojan.Agent.dwb
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682955.exe
    Risk: High

    Name: Trojan.Agent.dwd
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687171.com
    Risk: High

    Name: Trojan.Agent.dwd
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687174.com
    Risk: High

    Name: Downloader.Adload.pr
    Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687391.exe
    Risk: High

    a b 8 Sécurité
    12 Février 2008 22:22:17

    Re,

  • Clique sur Remove infections
  • Au message d'avertissement, clique sur Ok et laisse l'outil travailler.
  • Quand l'outil à fini, clique sur Save Report et sauvegarde le rapport sur ton bureau.
  • Poste le dans ta prochaine réponse.
    14 Février 2008 19:15:33

    Sa y est, j'ai fait remove infections mais les pubs CID's sont toujours la. Je dois refaire un rapport ?? parce que c'est très long a chaque fois
    a b 8 Sécurité
    15 Février 2008 13:58:07

    Refais un scan LopSD option 1.
    15 Février 2008 23:02:03


    -----------------------------[ Lop S&D 2.0.5 ]---------------------------

    [ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    [ USER: Simon ] [ "C:\Program Files\Lop SD" ]

    [ 15/02/2008 | 22:56:29.15 ] [ CARRE1 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    [18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\..
    [18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\.
    [18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\Microsoft
    [28/02/2004|17:59] C:\DOCUME~1\Admin\APPLIC~1\Macromedia
    [28/02/2004|17:58] C:\DOCUME~1\Admin\APPLIC~1\Real
    [28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM
    [28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\Adobe
    [28/02/2004|16:26] C:\DOCUME~1\Admin\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\Admin\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\Admin\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\Admin\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\Admin\APPLIC~1\desktop.ini

    [14/02/2008|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [14/02/2008|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [14/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [14/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    [27/01/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [25/01/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [20/01/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [20/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [16/01/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [27/10/2007|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [18/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [16/08/2007|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
    [27/05/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/02/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [22/01/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [21/09/2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/08/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
    [04/06/2006|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [18/03/2006|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [26/02/2006|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [31/12/2005|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [18/02/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [24/08/2004|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini


    [16/10/2007|11:48] C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
    [06/12/2006|13:25] C:\DOCUME~1\Camille\APPLIC~1\Google
    [06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\..
    [06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\.
    [10/08/2006|21:33] C:\DOCUME~1\Camille\APPLIC~1\Sun
    [10/02/2006|15:46] C:\DOCUME~1\Camille\APPLIC~1\Microsoft
    [15/01/2006|17:45] C:\DOCUME~1\Camille\APPLIC~1\EPSON
    [29/06/2005|20:30] C:\DOCUME~1\Camille\APPLIC~1\wklnhst.dat
    [28/02/2004|17:59] C:\DOCUME~1\Camille\APPLIC~1\Macromedia
    [28/02/2004|17:58] C:\DOCUME~1\Camille\APPLIC~1\Real
    [28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\AdobeUM
    [28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\Adobe
    [28/02/2004|16:26] C:\DOCUME~1\Camille\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\Camille\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\Camille\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\Camille\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\Camille\APPLIC~1\desktop.ini

    [28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
    [28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

    [16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\..
    [16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\.
    [29/09/2007|12:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
    [16/08/2007|10:49] C:\DOCUME~1\FRANCO~1\APPLIC~1\Sun
    [16/08/2007|09:42] C:\DOCUME~1\FRANCO~1\APPLIC~1\DassaultSystemes
    [09/03/2007|15:36] C:\DOCUME~1\FRANCO~1\APPLIC~1\Musicmatch
    [19/02/2007|21:41] C:\DOCUME~1\FRANCO~1\APPLIC~1\Microsoft
    [23/01/2007|13:00] C:\DOCUME~1\FRANCO~1\APPLIC~1\wklnhst.dat
    [17/12/2006|17:37] C:\DOCUME~1\FRANCO~1\APPLIC~1\Google
    [08/03/2006|19:09] C:\DOCUME~1\FRANCO~1\APPLIC~1\Adobe
    [08/03/2006|18:20] C:\DOCUME~1\FRANCO~1\APPLIC~1\Xfire
    [08/03/2006|17:17] C:\DOCUME~1\FRANCO~1\APPLIC~1\AdobeUM
    [28/02/2004|17:59] C:\DOCUME~1\FRANCO~1\APPLIC~1\Macromedia
    [28/02/2004|17:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\Real
    [28/02/2004|16:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\FRANCO~1\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\FRANCO~1\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\FRANCO~1\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\desktop.ini

    [15/02/2008|19:17] C:\DOCUME~1\Internet\APPLIC~1\Microsoft
    [07/02/2008|17:18] C:\DOCUME~1\Internet\APPLIC~1\Adobe
    [31/01/2008|18:22] C:\DOCUME~1\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
    [16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\..
    [16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\.
    [21/11/2007|19:13] C:\DOCUME~1\Internet\APPLIC~1\Creative
    [18/10/2007|16:53] C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
    [17/10/2007|18:39] C:\DOCUME~1\Internet\APPLIC~1\wklnhst.dat
    [09/08/2007|11:19] C:\DOCUME~1\Internet\APPLIC~1\DivX
    [17/07/2007|13:01] C:\DOCUME~1\Internet\APPLIC~1\Apple Computer
    [10/04/2007|08:25] C:\DOCUME~1\Internet\APPLIC~1\MSN6
    [29/06/2006|09:05] C:\DOCUME~1\Internet\APPLIC~1\DassaultSystemes
    [19/05/2006|17:17] C:\DOCUME~1\Internet\APPLIC~1\Azureus
    [10/04/2006|13:40] C:\DOCUME~1\Internet\APPLIC~1\Sun
    [28/03/2006|11:09] C:\DOCUME~1\Internet\APPLIC~1\vlc
    [09/03/2006|18:47] C:\DOCUME~1\Internet\APPLIC~1\AdobeUM
    [01/03/2006|11:39] C:\DOCUME~1\Internet\APPLIC~1\Google
    [28/02/2006|15:59] C:\DOCUME~1\Internet\APPLIC~1\Xfire
    [14/01/2005|19:02] C:\DOCUME~1\Internet\APPLIC~1\EPSON
    [28/02/2004|17:59] C:\DOCUME~1\Internet\APPLIC~1\Macromedia
    [28/02/2004|17:58] C:\DOCUME~1\Internet\APPLIC~1\Real
    [28/02/2004|16:26] C:\DOCUME~1\Internet\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\Internet\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\Internet\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\Internet\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\Internet\APPLIC~1\desktop.ini

    [18/11/2006|20:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [04/04/2006|10:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [17/08/2004|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
    [27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

    [27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [09/08/2004|20:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
    [05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

    [14/02/2008|23:33] C:\DOCUME~1\Simon\APPLIC~1\Microsoft
    [14/02/2008|22:18] C:\DOCUME~1\Simon\APPLIC~1\Adobe
    [01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\RibbonSoft
    [01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\..
    [01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\.
    [27/01/2008|19:55] C:\DOCUME~1\Simon\APPLIC~1\SolidWorks
    [27/01/2008|19:34] C:\DOCUME~1\Simon\APPLIC~1\Autodesk
    [13/01/2008|13:24] C:\DOCUME~1\Simon\APPLIC~1\Megaupload
    [12/01/2008|21:29] C:\DOCUME~1\Simon\APPLIC~1\Real
    [28/12/2007|16:18] C:\DOCUME~1\Simon\APPLIC~1\SecondLife
    [28/12/2007|16:05] C:\DOCUME~1\Simon\APPLIC~1\Mozilla
    [17/10/2007|23:05] C:\DOCUME~1\Simon\APPLIC~1\wklnhst.dat
    [16/10/2007|20:27] C:\DOCUME~1\Simon\APPLIC~1\vmntoolbar
    [22/08/2007|22:52] C:\DOCUME~1\Simon\APPLIC~1\Xfire
    [14/07/2007|22:10] C:\DOCUME~1\Simon\APPLIC~1\Mp3tag
    [15/06/2007|21:05] C:\DOCUME~1\Simon\APPLIC~1\Creative
    [07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Settings.cfg
    [07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Par d‚faut.cls
    [07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Connexion FTP.ftp
    [07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Dynamique
    [07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Sites pr‚d‚finis
    [31/05/2007|18:57] C:\DOCUME~1\Simon\APPLIC~1\Vso
    [27/05/2007|16:35] C:\DOCUME~1\Simon\APPLIC~1\Apple Computer
    [12/04/2007|20:16] C:\DOCUME~1\Simon\APPLIC~1\Leadertech
    [11/04/2007|13:52] C:\DOCUME~1\Simon\APPLIC~1\Hamachi
    [29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.log
    [29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\ezpinst.exe
    [29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.cat
    [29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.sys
    [29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.inf
    [24/03/2007|15:25] C:\DOCUME~1\Simon\APPLIC~1\STOIK
    [21/03/2007|16:39] C:\DOCUME~1\Simon\APPLIC~1\Screenshot Sender
    [22/02/2007|16:31] C:\DOCUME~1\Simon\APPLIC~1\RapidGet
    [05/01/2007|23:17] C:\DOCUME~1\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
    [27/12/2006|18:12] C:\DOCUME~1\Simon\APPLIC~1\DivX
    [13/12/2006|15:09] C:\DOCUME~1\Simon\APPLIC~1\InstallShield Installation Information
    [22/11/2006|16:46] C:\DOCUME~1\Simon\APPLIC~1\SolidWorksNewsReader
    [22/11/2006|16:36] C:\DOCUME~1\Simon\APPLIC~1\DWGeditor
    [14/09/2006|20:08] C:\DOCUME~1\Simon\APPLIC~1\dvdcss
    [17/08/2006|15:22] C:\DOCUME~1\Simon\APPLIC~1\teamspeak2
    [08/08/2006|15:02] C:\DOCUME~1\Simon\APPLIC~1\AdobeUM
    [27/07/2006|10:51] C:\DOCUME~1\Simon\APPLIC~1\FlashFXP
    [22/06/2006|10:37] C:\DOCUME~1\Simon\APPLIC~1\Azureus
    [16/06/2006|21:11] C:\DOCUME~1\Simon\APPLIC~1\InterTrust
    [08/06/2006|09:56] C:\DOCUME~1\Simon\APPLIC~1\Thumbs.db
    [06/04/2006|17:44] C:\DOCUME~1\Simon\APPLIC~1\Sun
    [01/04/2006|18:23] C:\DOCUME~1\Simon\APPLIC~1\DassaultSystemes
    [11/03/2006|14:59] C:\DOCUME~1\Simon\APPLIC~1\vlc
    [31/12/2005|18:19] C:\DOCUME~1\Simon\APPLIC~1\Google
    [27/07/2005|15:15] C:\DOCUME~1\Simon\APPLIC~1\FTP Expert Stockage.ftp
    [01/07/2005|21:29] C:\DOCUME~1\Simon\APPLIC~1\Ulead Systems
    [16/06/2005|18:31] C:\DOCUME~1\Simon\APPLIC~1\CDRusersDB.v12
    [18/05/2005|18:06] C:\DOCUME~1\Simon\APPLIC~1\iScreensaver
    [02/02/2005|15:24] C:\DOCUME~1\Simon\APPLIC~1\EPSON
    [28/02/2004|17:59] C:\DOCUME~1\Simon\APPLIC~1\Macromedia
    [28/02/2004|16:26] C:\DOCUME~1\Simon\APPLIC~1\Cyberlink
    [28/02/2004|15:48] C:\DOCUME~1\Simon\APPLIC~1\Ahead
    [27/02/2004|19:06] C:\DOCUME~1\Simon\APPLIC~1\Help
    [27/02/2004|18:30] C:\DOCUME~1\Simon\APPLIC~1\Identities
    [27/02/2004|18:26] C:\DOCUME~1\Simon\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [01/02/2008 19:47][--ah-----] C:\WINDOWS\tasks\A809F21391526C17.job
    [25/05/2006 19:15][--a------] C:\WINDOWS\tasks\sauve.job
    [30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [26/05/2006 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/02/2008|22:56] C:\Program Files\Lop SD
    [15/02/2008|22:51] C:\Program Files\..
    [15/02/2008|22:51] C:\Program Files\.
    [14/02/2008|23:20] C:\Program Files\Microsoft Works
    [14/02/2008|23:20] C:\Program Files\MSBuild
    [14/02/2008|23:20] C:\Program Files\Microsoft Office
    [14/02/2008|23:20] C:\Program Files\Microsoft Visual Studio
    [14/02/2008|23:18] C:\Program Files\Microsoft.NET
    [14/02/2008|23:14] C:\Program Files\Microsoft Visual Studio 8
    [13/02/2008|18:57] C:\Program Files\Internet Explorer
    [05/02/2008|20:28] C:\Program Files\QCad Demo
    [01/02/2008|19:47] C:\Program Files\Plan Atom Sect
    [26/01/2008|15:05] C:\Program Files\SilverCrest Vibration Headset
    [26/01/2008|14:27] C:\Program Files\AV VCS 3.0
    [26/01/2008|00:34] C:\Program Files\Steam
    [19/01/2008|15:46] C:\Program Files\SUPER
    [19/01/2008|12:42] C:\Program Files\CamStudio
    [18/01/2008|22:28] C:\Program Files\Fake Webcam
    [17/01/2008|21:40] C:\Program Files\Messenger Plus! Live
    [17/01/2008|21:40] C:\Program Files\Windows Live
    [17/01/2008|21:40] C:\Program Files\MSN Messenger
    [17/01/2008|21:13] C:\Program Files\PDF PDF2Image v2.1
    [16/01/2008|21:59] C:\Program Files\Adobe
    [16/01/2008|21:39] C:\Program Files\Fichiers communs
    [16/01/2008|21:37] C:\Program Files\InstallShield Installation Information
    [12/01/2008|21:43] C:\Program Files\Sonic Foundry ACID Music
    [12/01/2008|21:35] C:\Program Files\Jeux
    [11/01/2008|21:23] C:\Program Files\Pando
    [01/01/2008|16:55] C:\Program Files\AutoCAD 2008
    [01/01/2008|16:50] C:\Program Files\Autodesk
    [29/12/2007|16:38] C:\Program Files\NCH Software
    [19/12/2007|20:07] C:\Program Files\Java
    [28/11/2007|20:28] C:\Program Files\Picasa2
    [18/10/2007|18:23] C:\Program Files\PestPatrol
    [18/10/2007|18:11] C:\Program Files\RegCleaner
    [18/10/2007|18:02] C:\Program Files\vmntoolbar
    [18/10/2007|17:58] C:\Program Files\Google
    [18/10/2007|17:56] C:\Program Files\LucasArts
    [23/08/2007|10:45] C:\Program Files\Xfire
    [16/08/2007|08:57] C:\Program Files\Metin2_France
    [15/08/2007|21:36] C:\Program Files\PC Inspector File Recovery
    [13/08/2007|12:00] C:\Program Files\Microsoft Games
    [17/07/2007|22:27] C:\Program Files\Windows Media Player
    [17/07/2007|22:13] C:\Program Files\Windows Media Connect 2
    [16/07/2007|18:20] C:\Program Files\Alcohol Soft
    [14/07/2007|21:59] C:\Program Files\Mp3tag
    [15/06/2007|19:01] C:\Program Files\Creative
    [15/06/2007|18:59] C:\Program Files\Creative ZEN Vision M Series
    [15/06/2007|16:55] C:\Program Files\Creative Installation Information
    [14/06/2007|09:54] C:\Program Files\Outlook Express
    [27/05/2007|16:34] C:\Program Files\QuickTime
    [16/05/2007|16:28] C:\Program Files\Activision
    [08/05/2007|11:07] C:\Program Files\CA
    [12/04/2007|19:58] C:\Program Files\Atari
    [31/03/2007|18:38] C:\Program Files\SolidWorks
    [29/03/2007|17:36] C:\Program Files\DVDFab Gold
    [25/03/2007|17:47] C:\Program Files\DVD Shrink
    [25/03/2007|13:49] C:\Program Files\Star Downloader
    [17/03/2007|20:32] C:\Program Files\WinRAR
    [25/02/2007|15:50] C:\Program Files\Ulead Systems
    [22/02/2007|18:57] C:\Program Files\Winamp
    [22/02/2007|18:57] C:\Program Files\Wanadoo
    [22/02/2007|18:57] C:\Program Files\Sunbelt Software
    [22/02/2007|18:57] C:\Program Files\Movie Maker
    [22/02/2007|18:57] C:\Program Files\Morpheus Software
    [22/02/2007|18:57] C:\Program Files\Microsoft Picture It! 9
    [22/02/2007|18:57] C:\Program Files\Microsoft Encarta
    [22/02/2007|18:57] C:\Program Files\pspvideo9
    [22/02/2007|18:57] C:\Program Files\NCH Swift Sound
    [22/02/2007|18:57] C:\Program Files\Messenger
    [22/02/2007|18:57] C:\Program Files\DivX
    [22/01/2007|21:43] C:\Program Files\IVT Corporation
    [22/11/2006|16:42] C:\Program Files\Windows Desktop Search
    [22/11/2006|16:36] C:\Program Files\DWGeditor
    [22/11/2006|16:35] C:\Program Files\SolidWorks Installation Manager
    [25/10/2006|13:36] C:\Program Files\AviSynth 2.5
    [14/10/2006|08:28] C:\Program Files\ashampoo
    [21/09/2006|18:39] C:\Program Files\NetMeeting
    [21/09/2006|18:39] C:\Program Files\Windows NT
    [20/09/2006|20:37] C:\Program Files\Intelore
    [29/08/2006|16:21] C:\Program Files\DV 3500
    [25/07/2006|22:43] C:\Program Files\Magicbit
    [28/06/2006|20:26] C:\Program Files\INFORAD
    [28/06/2006|20:26] C:\Program Files\INFORAD_DRIVERS
    [16/06/2006|21:13] C:\Program Files\Hewlett-Packard
    [06/06/2006|21:16] C:\Program Files\Gadwin Systems
    [06/06/2006|11:49] C:\Program Files\Program Files
    [04/06/2006|21:44] C:\Program Files\SprayR
    [08/05/2006|14:10] C:\Program Files\neodivx2006
    [12/04/2006|19:51] C:\Program Files\Teamspeak2_RC2
    [01/04/2006|18:27] C:\Program Files\Dassault Systemes
    [11/03/2006|14:57] C:\Program Files\VideoLAN
    [02/03/2006|15:55] C:\Program Files\EA GAMES
    [26/02/2006|16:07] C:\Program Files\DiMAGE Viewer
    [10/02/2006|16:10] C:\Program Files\Midas Interactive
    [08/02/2006|23:03] C:\Program Files\AquaScape 3D
    [25/01/2006|17:19] C:\Program Files\D-Tools
    [15/01/2006|18:07] C:\Program Files\EPSON
    [01/07/2005|21:23] C:\Program Files\CyberLink
    [18/02/2005|21:24] C:\Program Files\Home Cinema
    [09/12/2004|18:09] C:\Program Files\Microsoft FrontPage Express
    [01/12/2004|19:08] C:\Program Files\MSN Apps
    [28/08/2004|19:29] C:\Program Files\WindowsUpdate
    [24/08/2004|22:07] C:\Program Files\Spybot - Search & Destroy
    [20/08/2004|12:35] C:\Program Files\Microsoft Office97
    [03/06/2004|19:23] C:\Program Files\Alwil Software
    [04/05/2004|20:58] C:\Program Files\Storm
    [18/04/2004|13:38] C:\Program Files\JavaSoft
    [07/04/2004|08:23] C:\Program Files\PowerArchiver
    [27/03/2004|13:50] C:\Program Files\InterActual
    [28/02/2004|17:49] C:\Program Files\Viewpoint
    [28/02/2004|17:49] C:\Program Files\Nullsoft
    [28/02/2004|17:49] C:\Program Files\Real
    [28/02/2004|16:18] C:\Program Files\MUSICMATCH
    [28/02/2004|16:16] C:\Program Files\Common Files
    [28/02/2004|15:40] C:\Program Files\Medion Tools
    [28/02/2004|15:25] C:\Program Files\OfficeUpdate11
    [28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp
    [28/02/2004|14:51] C:\Program Files\Microsoft Money
    [28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004
    [28/02/2004|14:35] C:\Program Files\Ahead
    [28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard
    [28/02/2004|14:11] C:\Program Files\Uninstall Information
    [27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver
    [27/02/2004|19:11] C:\Program Files\C-Media 3D Audio
    [27/02/2004|19:03] C:\Program Files\ATI Technologies
    [27/02/2004|18:45] C:\Program Files\Intel
    [27/02/2004|18:35] C:\Program Files\Windows Journal Viewer
    [27/02/2004|18:30] C:\Program Files\xerox
    [27/02/2004|18:30] C:\Program Files\microsoft frontpage
    [27/02/2004|18:28] C:\Program Files\MSN
    [27/02/2004|18:28] C:\Program Files\MSN Gaming Zone

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [14/02/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
    [14/02/2008|23:27] C:\Program Files\Fichiers communs\System
    [14/02/2008|23:20] C:\Program Files\Fichiers communs\Designer
    [16/01/2008|21:55] C:\Program Files\Fichiers communs\Adobe
    [16/01/2008|21:39] C:\Program Files\Fichiers communs\.
    [16/01/2008|21:39] C:\Program Files\Fichiers communs\Macrovision Shared
    [16/01/2008|21:39] C:\Program Files\Fichiers communs\..
    [12/01/2008|21:29] C:\Program Files\Fichiers communs\Real
    [01/01/2008|16:55] C:\Program Files\Fichiers communs\Autodesk Shared
    [18/10/2007|17:48] C:\Program Files\Fichiers communs\eDrawings2007
    [02/08/2007|20:11] C:\Program Files\Fichiers communs\EPSON
    [22/11/2006|16:37] C:\Program Files\Fichiers communs\SolidWorks Shared
    [22/11/2006|16:25] C:\Program Files\Fichiers communs\Solidworks Data
    [04/06/2006|12:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [06/04/2006|17:41] C:\Program Files\Fichiers communs\Java
    [14/01/2005|18:56] C:\Program Files\Fichiers communs\Python
    [06/09/2004|18:10] C:\Program Files\Fichiers communs\DirectX
    [28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL
    [28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared
    [28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield
    [28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead
    [27/02/2004|18:28] C:\Program Files\Fichiers communs\Services
    [27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap
    [27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC
    [27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\WINDOWS\Tasks\A809F21391526C17.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-15 23:04:42
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:1252][Doss:24] C:\DOCUME~1\Simon\LOCALS~1\Temp
    /!\ [Fich:7706][Doss:8] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 23:05:12.90 ]----------------------
    a b 8 Sécurité
    17 Février 2008 13:19:08

    Reposte un rapport Hijackthis et on attaque.
    17 Février 2008 14:24:10

    Ok merci bien de m'aider, voila le rapport:

    Logfile of HijackThis v1.99.1
    Scan saved at 14:27:21, on 17/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\WINDOWS\CNYHKey.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\mHotkey.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
    O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

    a b 8 Sécurité
    17 Février 2008 15:54:08

    Re,

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


    Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
    Sélectionne tous les emplacements dans le cadre ci-dessous :

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
    C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
    C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
    C:\WINDOWS\tasks\A809F21391526C17.job
    C:\Program Files\vmntoolbar
    C:\Program Files\Dot1XCfg

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    17 Février 2008 19:31:20

    Voila:

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data moved successfully.
    C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
    C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
    C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\0 moved successfully.
    C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR moved successfully.
    C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
    C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
    C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\0 moved successfully.
    C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR moved successfully.
    C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
    C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
    C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\0 moved successfully.
    C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR moved successfully.
    C:\WINDOWS\tasks\A809F21391526C17.job moved successfully.
    C:\Program Files\vmntoolbar moved successfully.
    File/Folder C:\Program Files\Dot1XCfg not found.

    OTMoveIt2 v1.0.20 log created on 02172008_193350
    17 Février 2008 19:37:07

    Mais les pubs CID sont tj là... Merci beaucoup quand même pour ton aide
    17 Février 2008 19:48:29

    Mais les pubs CID sont tj là... Merci beaucoup quand même pour ton aide
    a b 8 Sécurité
    17 Février 2008 20:11:24

    Reposte un rapport Hijackthis.
    17 Février 2008 23:23:10

    Logfile of HijackThis v1.99.1
    Scan saved at 23:26:37, on 17/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\WINDOWS\CNYHKey.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\WINDOWS\mHotkey.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
    C:\Program Files\Fichiers communs\Adobe\Web\AOM.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

    a b 8 Sécurité
    18 Février 2008 12:26:02

    Refais un scan LopSD.
    20 Février 2008 14:23:21

    Merci, je crois que c'est bon, je n'ai plus aucune pub CID

    Merci beaucoup
    a b 8 Sécurité
    20 Février 2008 17:45:15

    Si tu le dis...
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS