Se connecter / S'enregistrer
Votre question

Message csrss.exe sous D?

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
19 Janvier 2008 16:16:09

Bonjour,

J'ai un message inquiétant au démarrage de Windows!
C'est: Windows ne trouve pas "D:\WINDOWS\Média\csrss.exe" Vérifiez si vous avez bien rentré un nom valide.

J'aimerais savoir comment m'en débarraser, si quelqu'un pouvait m'aider.

Voici un rapport édité par SmitFraudFix.exe si cela peut aider?

SmitFraudFix v2.274

Rapport fait à 15:54:31,15, 19/01/2008
Executé à partir de C:\Documents and Settings\RICHARD\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Medion Info Display\MdionLCM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICHARD


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\RICHARD\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\RICHARD\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: RT2500 USB Wireless LAN Card
DNS Server Search Order: 84.103.237.141
DNS Server Search Order: 86.64.145.141

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer=84.103.237.141,86.64.145.141
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer=84.103.237.141,86.64.145.141
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer=84.103.237.141,86.64.145.141


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Merci

Autres pages sur : message csrss exe

19 Janvier 2008 20:51:00

Merci de m'apporter ton aide, voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48:17, on 19/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Medion Info Display\MdionLCM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\Media\csrss.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MedionVFD] "C:\Program Files\Medion Info Display\MdionLCM.exe"
O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [DumpTeam] C:\WinDev 11\DumpTeam_Pack_v4.5a6.exe /S
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PollCamp] C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1\software64browse.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer = 84.103.237.141,86.64.145.141
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11215 bytes
Contenus similaires
20 Janvier 2008 11:34:29

Y aurait il un "HELPER" dans le coin...svp
20 Janvier 2008 12:34:25

Voilà, j'ai lancé Spybot...pour lui les problèmes sont résolus, mais j'ai redémarré et le message initial réapparait!
Que dois je faire?
a b 8 Sécurité
20 Janvier 2008 16:32:43

Tu peux patienter ?

Télécharge Lop S&D.exe sur ton Bureau.
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
  • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    20 Janvier 2008 23:14:00

    Excuse mon impatience, mais les messages se multiplient! Maintenant c'est des messages de type: "explorer.exe a rencontré un problème et va fermer" après les messages "D:\Csrss.exe ........."

    Voici le rapport sur Lop:


    -----------------------------[ Lop S&D 2.0.6 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

    [ USER: RICHARD ] [ "C:\Program Files\Lop SD" ]

    [ 20/01/2008 | 23:05:46,75 ] [ LERICCI ]


    -------------[ Listing des dossiers dans Application Data ]------------

    [20/01/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [20/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [19/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [02/12/2007|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/12/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/11/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [22/11/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf
    [14/08/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [18/05/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [27/04/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [20/03/2007|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
    [30/12/2005|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [28/12/2005|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [27/11/2005|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [04/11/2005|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [19/10/2005|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA

    [30/12/2005|15:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/11/2005|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|11:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [04/11/2005|10:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [19/10/2005|14:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities


    [31/10/2006|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [31/10/2006|20:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\MetaProducts
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [28/02/2006|22:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    [19/01/2008|21:49] C:\DOCUME~1\RICHARD\APPLIC~1\..
    [19/01/2008|21:49] C:\DOCUME~1\RICHARD\APPLIC~1\.
    [19/01/2008|21:48] C:\DOCUME~1\RICHARD\APPLIC~1\wklnhst.dat
    [19/01/2008|00:58] C:\DOCUME~1\RICHARD\APPLIC~1\Graphisoft
    [11/12/2007|20:29] C:\DOCUME~1\RICHARD\APPLIC~1\Scr Bird Does
    [09/12/2007|15:18] C:\DOCUME~1\RICHARD\APPLIC~1\SecuROM
    [02/12/2007|19:40] C:\DOCUME~1\RICHARD\APPLIC~1\Real
    [30/11/2007|21:06] C:\DOCUME~1\RICHARD\APPLIC~1\Search Settings
    [30/11/2007|20:17] C:\DOCUME~1\RICHARD\APPLIC~1\dBpoweramp
    [30/11/2007|20:10] C:\DOCUME~1\RICHARD\APPLIC~1\AccurateRip
    [23/11/2007|20:38] C:\DOCUME~1\RICHARD\APPLIC~1\GDIPFONTCACHEV1.DAT
    [14/08/2007|13:54] C:\DOCUME~1\RICHARD\APPLIC~1\AVS4YOU
    [29/07/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Steinberg
    [09/07/2007|21:29] C:\DOCUME~1\RICHARD\APPLIC~1\Microsoft
    [04/06/2007|19:06] C:\DOCUME~1\RICHARD\APPLIC~1\IDS_COMPANY
    [18/05/2007|12:21] C:\DOCUME~1\RICHARD\APPLIC~1\AdobeUM
    [18/05/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Adobe
    [13/05/2007|09:40] C:\DOCUME~1\RICHARD\APPLIC~1\Help
    [28/04/2007|21:05] C:\DOCUME~1\RICHARD\APPLIC~1\DivX
    [28/04/2007|00:05] C:\DOCUME~1\RICHARD\APPLIC~1\vlc
    [09/04/2007|17:13] C:\DOCUME~1\RICHARD\APPLIC~1\Ahead
    [31/03/2007|12:17] C:\DOCUME~1\RICHARD\APPLIC~1\Nikon
    [28/03/2007|22:25] C:\DOCUME~1\RICHARD\APPLIC~1\Media Player Classic
    [25/03/2007|18:12] C:\DOCUME~1\RICHARD\APPLIC~1\MetaProducts
    [25/03/2007|15:19] C:\DOCUME~1\RICHARD\APPLIC~1\BitTorrent
    [25/03/2007|14:58] C:\DOCUME~1\RICHARD\APPLIC~1\Musicmatch
    [25/03/2007|14:53] C:\DOCUME~1\RICHARD\APPLIC~1\BitDownload
    [19/03/2007|20:47] C:\DOCUME~1\RICHARD\APPLIC~1\Google
    [07/03/2007|22:01] C:\DOCUME~1\RICHARD\APPLIC~1\EPSON
    [19/05/2006|11:41] C:\DOCUME~1\RICHARD\APPLIC~1\NeroDCTemplates
    [08/01/2006|22:59] C:\DOCUME~1\RICHARD\APPLIC~1\Logitech
    [30/12/2005|15:22] C:\DOCUME~1\RICHARD\APPLIC~1\AOL
    [04/11/2005|11:47] C:\DOCUME~1\RICHARD\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|10:17] C:\DOCUME~1\RICHARD\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\RICHARD\APPLIC~1\CyberLink
    [27/10/2005|00:15] C:\DOCUME~1\RICHARD\APPLIC~1\Sun
    [19/10/2005|14:48] C:\DOCUME~1\RICHARD\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\RICHARD\APPLIC~1\Identities

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/01/2008 09:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [20/01/2008 12:26][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [20/01/2008|23:05] C:\Program Files\Lop SD
    [20/01/2008|23:04] C:\Program Files\..
    [20/01/2008|23:04] C:\Program Files\.
    [20/01/2008|22:11] C:\Program Files\eMule
    [20/01/2008|11:48] C:\Program Files\Spybot - Search & Destroy
    [20/01/2008|09:55] C:\Program Files\Apple Software Update
    [19/01/2008|20:47] C:\Program Files\Trend Micro
    [19/01/2008|14:25] C:\Program Files\Java
    [19/01/2008|13:46] C:\Program Files\QuickTime
    [19/01/2008|01:14] C:\Program Files\Fichiers communs
    [19/01/2008|00:10] C:\Program Files\InstallShield Installation Information
    [05/01/2008|11:07] C:\Program Files\Micro Application
    [14/12/2007|17:34] C:\Program Files\Internet Explorer
    [09/12/2007|10:37] C:\Program Files\Avast4
    [02/12/2007|20:23] C:\Program Files\Google
    [02/12/2007|20:23] C:\Program Files\dBpowerAMP12.2
    [02/12/2007|20:18] C:\Program Files\K-Lite Codec Pack
    [02/12/2007|20:10] C:\Program Files\DivX
    [02/12/2007|20:03] C:\Program Files\Xvid
    [02/12/2007|19:44] C:\Program Files\Real Alternative
    [01/12/2007|11:33] C:\Program Files\Home Cinema
    [30/11/2007|20:38] C:\Program Files\Search Settings
    [30/11/2007|20:33] C:\Program Files\Free Audio Pack
    [25/11/2007|16:01] C:\Program Files\Multi_Media
    [24/11/2007|15:14] C:\Program Files\Windows NT
    [24/11/2007|15:04] C:\Program Files\AC3Filter
    [24/11/2007|13:12] C:\Program Files\Pando Networks
    [22/11/2007|19:56] C:\Program Files\Elaborate Bytes
    [19/11/2007|00:28] C:\Program Files\Attack on Pearl Harbor
    [06/11/2007|20:14] C:\Program Files\Windows Media Player
    [06/11/2007|20:08] C:\Program Files\Windows Media Connect 2
    [22/09/2007|09:30] C:\Program Files\Unlocker
    [16/09/2007|16:01] C:\Program Files\SUPER-Vid
    [15/08/2007|23:08] C:\Program Files\MSXML 6.0
    [14/08/2007|14:32] C:\Program Files\Haali
    [14/08/2007|14:31] C:\Program Files\Riam
    [14/08/2007|14:27] C:\Program Files\MKVtoolnix
    [14/08/2007|14:23] C:\Program Files\Ripp-it_AM
    [08/08/2007|08:36] C:\Program Files\eRightSoft
    [08/08/2007|08:36] C:\Program Files\SUPER-Vid‚o
    [29/07/2007|11:03] C:\Program Files\Steinberg
    [11/07/2007|17:08] C:\Program Files\emoticones.exe
    [11/07/2007|17:08] C:\Program Files\emoticones1_5.exe
    [16/06/2007|13:21] C:\Program Files\WinRAR
    [13/06/2007|19:24] C:\Program Files\Outlook Express
    [18/05/2007|20:36] C:\Program Files\DivX3.11a
    [14/05/2007|23:04] C:\Program Files\DVD Shrink
    [10/05/2007|22:55] C:\Program Files\Audacity
    [08/05/2007|10:26] C:\Program Files\RALINK
    [30/04/2007|09:08] C:\Program Files\MSBuild
    [30/04/2007|09:03] C:\Program Files\Reference Assemblies
    [28/04/2007|19:11] C:\Program Files\AviSynth 2.5
    [28/04/2007|00:03] C:\Program Files\Vid‚o-Lecteur
    [08/04/2007|10:42] C:\Program Files\Realtek
    [03/04/2007|00:09] C:\Program Files\Monkey's Audio
    [31/03/2007|19:08] C:\Program Files\Nikon
    [28/03/2007|22:25] C:\Program Files\KC Softwares
    [25/03/2007|18:12] C:\Program Files\Download Express
    [25/03/2007|14:59] C:\Program Files\Windows Media Connect
    [25/03/2007|14:58] C:\Program Files\MUSICMATCH
    [22/03/2007|18:51] C:\Program Files\EPSON
    [20/03/2007|21:29] C:\Program Files\MSN Messenger
    [20/03/2007|21:23] C:\Program Files\Uninstall Information
    [20/03/2007|00:59] C:\Program Files\MSXML 4.0
    [20/03/2007|00:20] C:\Program Files\Medion Info Display
    [20/03/2007|00:08] C:\Program Files\X10 Hardware
    [10/03/2007|10:59] C:\Program Files\Accel charg
    [07/03/2007|21:39] C:\Program Files\Microsoft Works
    [07/03/2007|21:39] C:\Program Files\Messenger
    [07/11/2006|21:15] C:\Program Files\Electronic Arts
    [11/07/2006|21:44] C:\Program Files\CyberLink
    [05/07/2006|19:12] C:\Program Files\YAMAHA
    [05/07/2006|19:12] C:\Program Files\Ahead
    [05/07/2006|19:12] C:\Program Files\Adobe
    [10/03/2006|22:27] C:\Program Files\Eidos Interactive
    [08/01/2006|22:56] C:\Program Files\Logitech
    [04/11/2005|11:47] C:\Program Files\Viewpoint
    [03/11/2005|18:35] C:\Program Files\Microsoft Works Suite 2006
    [26/10/2005|23:07] C:\Program Files\Common Files
    [19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
    [19/10/2005|20:52] C:\Program Files\Encarta
    [19/10/2005|20:44] C:\Program Files\Microsoft Office
    [19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
    [19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
    [19/10/2005|14:02] C:\Program Files\Intel
    [19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
    [19/10/2005|12:53] C:\Program Files\xerox
    [19/10/2005|12:53] C:\Program Files\microsoft frontpage
    [19/10/2005|12:52] C:\Program Files\Services en ligne
    [19/10/2005|12:52] C:\Program Files\NetMeeting
    [19/10/2005|12:52] C:\Program Files\Movie Maker
    [19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
    [19/10/2005|12:51] C:\Program Files\MSN
    [28/06/2005|11:22] C:\Program Files\vob2mpg.exe

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/01/2008|01:14] C:\Program Files\Fichiers communs\PC SOFT
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\..
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\.
    [14/08/2007|13:59] C:\Program Files\Fichiers communs\AVSMedia
    [14/08/2007|13:51] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2007|19:24] C:\Program Files\Fichiers communs\System
    [28/04/2007|13:16] C:\Program Files\Fichiers communs\muvee Technologies
    [27/04/2007|18:31] C:\Program Files\Fichiers communs\ODBC
    [31/03/2007|12:17] C:\Program Files\Fichiers communs\Nikon
    [05/07/2006|19:12] C:\Program Files\Fichiers communs\aolshare
    [28/01/2006|19:33] C:\Program Files\Fichiers communs\Adobe
    [08/01/2006|22:56] C:\Program Files\Fichiers communs\Logitech
    [30/12/2005|15:22] C:\Program Files\Fichiers communs\AOL
    [04/11/2005|11:47] C:\Program Files\Fichiers communs\Nullsoft
    [04/11/2005|11:41] C:\Program Files\Fichiers communs\InstallShield
    [19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
    [19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
    [19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
    [19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload
    C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload\Data
    C:\Program Files\Multi_Media
    C:\Program Files\Multi_Media\INSTALL.LOG
    C:\Program Files\Multi_Media\LanguagePack.xml
    C:\Program Files\Multi_Media\LocalSettings.txt
    C:\Program Files\Multi_Media\RadioPlayer
    C:\Program Files\Multi_Media\rss
    C:\Program Files\Multi_Media\tbMul1.dll
    C:\Program Files\Multi_Media\tbMult.dll
    C:\Program Files\Multi_Media\ThirdPartyComponents.xml
    C:\Program Files\Multi_Media\toolbar.cfg
    C:\Program Files\Multi_Media\UNWISE.EXE
    C:\Program Files\Multi_Media\update.xml

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\jugs bib bits]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\RICHARD\\APPLIC~1\\SCRBIR~1\\software64browse.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PollCamp"="C:\\DOCUME~1\\RICHARD\\APPLIC~1\\SCRBIR~1\\software64browse.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD
    # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com
    127.0.0.1 1001-search.info
    127.0.0.1 www.1001-search.info
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 123topsearch.com
    127.0.0.1 www.123topsearch.com
    127.0.0.1 132.com
    127.0.0.1 www.132.com
    127.0.0.1 136136.net
    127.0.0.1 www.136136.net
    127.0.0.1 139mm.com
    127.0.0.1 www.139mm.com
    127.0.0.1 163ns.com
    127.0.0.1 www.163ns.com
    127.0.0.1 171203.com
    127.0.0.1 17-plus.com
    127.0.0.1 1800searchonline.com
    127.0.0.1 www.1800searchonline.com
    127.0.0.1 180searchassistant.com
    127.0.0.1 www.180searchassistant.com
    127.0.0.1 180solutions.com
    127.0.0.1 www.180solutions.com
    127.0.0.1 181.365soft.info
    127.0.0.1 www.181.365soft.info
    127.0.0.1 1987324.com
    127.0.0.1 www.1987324.com
    127.0.0.1 1-domains-registrations.com
    127.0.0.1 www.1-domains-registrations.com
    127.0.0.1 1-extreme.biz
    127.0.0.1 www.1-extreme.biz
    127.0.0.1 1sexparty.com
    127.0.0.1 www.1sexparty.com
    127.0.0.1 1stantivirus.com
    127.0.0.1 www.1stantivirus.com
    127.0.0.1 1stpagehere.com
    127.0.0.1 www.1stpagehere.com
    127.0.0.1 1stsearchportal.com
    127.0.0.1 www.1stsearchportal.com
    127.0.0.1 2.82211.net
    127.0.0.1 www.2006ooo.com
    127.0.0.1 2007-download.com
    127.0.0.1 www.2007-download.com
    127.0.0.1 2020search.com
    127.0.0.1 www.2020search.com
    127.0.0.1 20x2p.com
    127.0.0.1 24.365soft.info
    127.0.0.1 www.24.365soft.info
    127.0.0.1 24-7pharmacy.info
    127.0.0.1 www.24-7pharmacy.info
    127.0.0.1 24-7searching-and-more.com
    127.0.0.1 www.24-7searching-and-more.com
    127.0.0.1 24teen.com
    127.0.0.1 www.24teen.com
    127.0.0.1 2every.net
    127.0.0.1 www.2every.net
    127.0.0.1 2ndpower.com
    127.0.0.1 2search.com
    127.0.0.1 www.2search.com
    127.0.0.1 2search.org
    127.0.0.1 www.2search.org
    127.0.0.1 2squared.com
    127.0.0.1 www.2squared.com
    127.0.0.1 3322.org
    127.0.0.1 www.3322.org
    127.0.0.1 365soft.info
    127.0.0.1 36site.com
    127.0.0.1 www.36site.com
    127.0.0.1 3721.com
    127.0.0.1 39-93.com
    127.0.0.1 3abetterinternet.com
    127.0.0.1 www.3abetterinternet.com
    127.0.0.1 3bay.it
    127.0.0.1 www.3bay.it
    127.0.0.1 3ebay.it
    127.0.0.1 www.3ebay.it
    127.0.0.1 404dns.com
    127.0.0.1 www.404dns.com
    127.0.0.1 4199.com
    127.0.0.1 www.4199.com
    127.0.0.1 4corn.net
    127.0.0.1 www.4corn.net
    127.0.0.1 4ebay.it
    127.0.0.1 www.4ebay.it
    127.0.0.1 4klm.com
    127.0.0.1 4repubblica.it
    127.0.0.1 www.4repubblica.it
    127.0.0.1 4softget.com
    127.0.0.1 www.4softget.com
    127.0.0.1 5iscali.it
    127.0.0.1 www.5iscali.it
    127.0.0.1 5repubblica.it
    127.0.0.1 www.5repubblica.it
    127.0.0.1 5starvideos.com
    127.0.0.1 www.5starvideos.com
    127.0.0.1 5tiscali.it
    127.0.0.1 www.5tiscali.it
    127.0.0.1 5zgmu7o20kt5d8yq.com
    127.0.0.1 www.5zgmu7o20kt5d8yq.com
    127.0.0.1 6iscali.it
    127.0.0.1 www.6iscali.it
    127.0.0.1 6sek.com
    127.0.0.1 www.6sek.com
    127.0.0.1 6tiscali.it
    127.0.0.1 www.6tiscali.it
    127.0.0.1 7322.com
    127.0.0.1 www.7322.com
    127.0.0.1 75tz.com
    127.0.0.1 777search.com
    127.0.0.1 www.777search.com
    127.0.0.1 777top.com
    127.0.0.1 www.777top.com
    127.0.0.1 7939.com
    127.0.0.1 www.7939.com
    127.0.0.1 7search.com
    127.0.0.1 www.7search.com
    127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
    127.0.0.1 82211.net
    127.0.0.1 8866.org
    127.0.0.1 888.com
    127.0.0.1 www.888.com
    127.0.0.1 images.888.com
    127.0.0.1 8ad.com
    127.0.0.1 www.8ad.com
    127.0.0.1 9505.com
    127.0.0.1 www.9505.com
    127.0.0.1 971searchbox.com
    127.0.0.1 www.971searchbox.com
    127.0.0.1 a.bestmanage.org
    127.0.0.1 aaasexypics.com
    127.0.0.1 aaawebfinder.com
    127.0.0.1 www.aaawebfinder.com
    127.0.0.1 aavc.com
    127.0.0.1 abc-find.info
    127.0.0.1 www.abc-find.info
    127.0.0.1 abetterinternet.com
    127.0.0.1 www.abetterinternet.com
    127.0.0.1 abnetsoft.info
    127.0.0.1 www.abnetsoft.info
    127.0.0.1 aboutclicker.com
    127.0.0.1 www.aboutclicker.com
    127.0.0.1 abrp.net
    127.0.0.1 www.abrp.net
    127.0.0.1 absolutee.com
    127.0.0.1 www.absolutee.com
    127.0.0.1 abyssmedia.com
    127.0.0.1 www.abyssmedia.com
    127.0.0.1 ac66.cn
    127.0.0.1 www.ac66.cn
    127.0.0.1 access.Navinetwork.com
    127.0.0.1 access.rapid-pass.net
    127.0.0.1 accessactivexvideo.com
    127.0.0.1 www.accessactivexvideo.com
    127.0.0.1 accessclips.com
    127.0.0.1 www.accessclips.com
    127.0.0.1 access-dvd.com
    127.0.0.1 www.access-dvd.com
    127.0.0.1 accesskeygenerator.com
    127.0.0.1 www.accesskeygenerator.com
    127.0.0.1 accessorygeeks.com
    127.0.0.1 www.accessorygeeks.com
    127.0.0.1 accessthefuture.net
    127.0.0.1 www.accessthefuture.net
    127.0.0.1 accessvid.net
    127.0.0.1 www.accessvid.net
    127.0.0.1 acemedic.com
    127.0.0.1 www.acemedic.com
    127.0.0.1 ace-webmaster.com
    127.0.0.1 www.ace-webmaster.com
    127.0.0.1 acjp.com
    127.0.0.1 acrobat-2007.com
    127.0.0.1 www.acrobat-2007.com
    127.0.0.1 acrobat-8.com
    127.0.0.1 www.acrobat-8.com
    127.0.0.1 acrobat-center.com
    127.0.0.1 www.acrobat-center.com
    127.0.0.1 acrobat-hq.com
    127.0.0.1 www.acrobat-hq.com
    127.0.0.1 acrobatreader-8.com
    127.0.0.1 www.acrobatreader-8.com
    127.0.0.1 acrobat-reader-8.de
    127.0.0.1 www.acrobat-reader-8.de
    127.0.0.1 acrobat-stop.com
    127.0.0.1 www.acrobat-stop.com
    127.0.0.1 actionbreastcancer.org
    127.0.0.1 www.actionbreastcancer.org
    127.0.0.1 activesearcher.info
    127.0.0.1 www.activesearcher.info
    127.0.0.1 activexaccessobject.com
    127.0.0.1 www.activexaccessobject.com
    127.0.0.1 activexaccessvideo.com
    127.0.0.1 www.activexaccessvideo.com
    127.0.0.1 activexemedia.com
    127.0.0.1 www.activexemedia.com
    127.0.0.1 activexmediaobject.com
    127.0.0.1 www.activexmediaobject.com
    127.0.0.1 activexmediapro.com
    127.0.0.1 www.activexmediapro.com
    127.0.0.1 activexmediasite.com
    127.0.0.1 www.activexmediasite.com
    127.0.0.1 activexmediasoftware.com
    127.0.0.1 www.activexmediasoftware.com
    127.0.0.1 activexmediasource.com
    127.0.0.1 www.activexmediasource.com
    127.0.0.1 activexmediatool.com
    127.0.0.1 www.activexmediatool.com
    127.0.0.1 activexmediatour.com
    127.0.0.1 www.activexmediatour.com
    127.0.0.1 activexsoftwares.com
    127.0.0.1 www.activexsoftwares.com
    127.0.0.1 activexsource.com
    127.0.0.1 www.activexsource.com
    127.0.0.1 activexupdate.com
    127.0.0.1 www.activexupdate.com
    127.0.0.1 activexvideo.com
    127.0.0.1 www.activexvideo.com
    127.0.0.1 activexvideotool.com
    127.0.0.1 www.activexvideotool.com
    127.0.0.1 ad.marketingsector.com
    127.0.0.1 www.ad.marketingsector.com
    127.0.0.1 ad.mokead.com
    127.0.0.1 www.ad.mokead.com
    127.0.0.1 ad.yieldmanager.com
    127.0.0.1 www.ad.yieldmanager.com
    127.0.0.1 ad25.com
    127.0.0.1 ad45.com
    127.0.0.1 ad77.com
    127.0.0.1 ad86.com
    127.0.0.1 adamsupportgroup.org
    127.0.0.1 www.adamsupportgroup.org
    127.0.0.1 adarmor.com
    127.0.0.1 www.adarmor.com
    127.0.0.1 adasearch.com
    127.0.0.1 www.adasearch.com
    127.0.0.1 adaware.cc
    127.0.0.1 adawarenow.com
    127.0.0.1 www.adawarenow.com
    127.0.0.1 addictivetechnologies.com
    127.0.0.1 www.addictivetechnologies.com
    127.0.0.1 addictivetechnologies.net
    127.0.0.1 www.addictivetechnologies.net
    127.0.0.1 add-manager.com
    127.0.0.1 www.add-manager.com
    127.0.0.1 adgate.info
    127.0.0.1 www.adgate.info
    127.0.0.1 adipics.com
    127.0.0.1 www.adipics.com
    127.0.0.1 admin2cash.biz
    127.0.0.1 www.admin2cash.biz
    127.0.0.1 adnet-plus.com
    127.0.0.1 adobe-download-now.com
    127.0.0.1 adobe-downloads.com
    127.0.0.1 www.adobe-downloads.com
    127.0.0.1 adobe-reader-8.fr
    127.0.0.1 www.adobe-reader-8.fr
    127.0.0.1 adprotect.com
    127.0.0.1 www.adprotect.com
    127.0.0.1 ads.centralmedia.ws
    127.0.0.1 ads.k8l.info
    127.0.0.1 ads.kmpads.com
    127.0.0.1 ads.marketingsector.com
    127.0.0.1 ads.searchingbooth.com
    127.0.0.1 ads.z-quest.com
    127.0.0.1 ads183.com
    127.0.0.1 www.ads183.com
    127.0.0.1 adscontex.com
    127.0.0.1 www.adscontex.com
    127.0.0.1 adservices1.enhance.com
    127.0.0.1 www.adservices1.enhance.com
    127.0.0.1 adservs.com
    127.0.0.1 adsextend.net
    127.0.0.1 www.adsextend.net
    127.0.0.1 adshttp.com
    127.0.0.1 www.adshttp.com
    127.0.0.1 adsonwww.com
    127.0.0.1 www.adsonwww.com
    127.0.0.1 adspics.com
    127.0.0.1 www.adspics.com
    127.0.0.1 adtrak.net
    127.0.0.1 www.adtrak.net
    127.0.0.1 adtrgt.com
    127.0.0.1 adult777search.info
    127.0.0.1 www.adult777search.info
    127.0.0.1 adultan.com
    127.0.0.1 www.adultan.com
    127.0.0.1 adult-engine-search.com
    127.0.0.1 www.adult-engine-search.com
    127.0.0.1 adult-erotic-guide.net
    127.0.0.1 www.adult-erotic-guide.net
    127.0.0.1 adultfilmsite.com
    127.0.0.1 www.adultfilmsite.com
    127.0.0.1 adult-friends-finder.net
    127.0.0.1 www.adult-friends-finder.net
    127.0.0.1 adultgambling.org
    127.0.0.1 adult-host.org
    127.0.0.1 adulthyperlinks.com
    127.0.0.1 www.adulthyperlinks.com
    127.0.0.1 adultmovieplus.com
    127.0.0.1 www.adultmovieplus.com
    127.0.0.1 adult-personal.us
    127.0.0.1 adultsgames.net
    127.0.0.1 adultsper.com
    127.0.0.1 www.adultsper.com
    127.0.0.1 adulttds.com
    127.0.0.1 www.adulttds.com
    127.0.0.1 adultzoneworld.com
    127.0.0.1 www.adultzoneworld.com
    127.0.0.1 advcash.biz
    127.0.0.1 www.advcash.biz
    127.0.0.1 advert.exaccess.ru
    127.0.0.1 advertisemoney.info
    127.0.0.1 www.advertisemoney.info
    127.0.0.1 advertising.paltalk.com
    127.0.0.1 advertising-money.info
    127.0.0.1 www.advertising-money.info
    127.0.0.1 ad-ware.cc
    127.0.0.1 ad-w-a-r-e.com
    127.0.0.1 www.ad-w-a-r-e.com
    127.0.0.1 a-d-w-a-r-e.com
    127.0.0.1 www.a-d-w-a-r-e.com
    127.0.0.1 adwarebazooka.com
    127.0.0.1 www.adwarebazooka.com
    127.0.0.1 adwarefinder.com
    127.0.0.1 www.adwarefinder.com
    127.0.0.1 adwareprotectionsite.com
    127.0.0.1 www.adwareprotectionsite.com
    127.0.0.1 adwarepunisher.com
    127.0.0.1 www.adwarepunisher.com
    127.0.0.1 aflgate.com
    127.0.0.1 www.aflgate.com
    127.0.0.1 africaspromise.org
    127.0.0.1 agava.com
    127.0.0.1 agava.ru
    127.0.0.1 agentstudio.com
    127.0.0.1 aginegialle.it
    127.0.0.1 www.aginegialle.it
    127.0.0.1 www.aifind.info
    127.0.0.1 aifind.info
    127.0.0.1 airtleworld.com
    127.0.0.1 www.airtleworld.com
    127.0.0.1 aitalia.it
    127.0.0.1 www.aitalia.it
    127.0.0.1 akamai.downloadv3.com
    127.0.0.1 aklitalia.it
    127.0.0.1 www.aklitalia.it
    127.0.0.1 akril.com
    127.0.0.1 alcatel.ws
    127.0.0.1 alfacleaner.com
    127.0.0.1 www.alfacleaner.com
    127.0.0.1 alfa-search.com
    127.0.0.1 alialia.it
    127.0.0.1 www.alialia.it
    127.0.0.1 aliotalia.it
    127.0.0.1 www.aliotalia.it
    127.0.0.1 alirtalia.it
    127.0.0.1 www.alirtalia.it
    127.0.0.1 alitaia.it
    127.0.0.1 www.alitaia.it
    127.0.0.1 alitaklia.it
    127.0.0.1 www.alitaklia.it
    127.0.0.1 alitala.it
    127.0.0.1 www.alitala.it
    127.0.0.1 alitali.it
    127.0.0.1 www.alitali.it
    127.0.0.1 alitaliaq.it
    127.0.0.1 www.alitaliaq.it
    127.0.0.1 alitalias.it
    127.0.0.1 www.alitalias.it
    127.0.0.1 alitaliaz.it
    127.0.0.1 www.alitaliaz.it
    127.0.0.1 alitalioa.it
    127.0.0.1 www.alitalioa.it
    127.0.0.1 alitalisa.it
    127.0.0.1 www.alitalisa.it
    127.0.0.1 alitaliua.it
    127.0.0.1 www.alitaliua.it
    127.0.0.1 alitalkia.it
    127.0.0.1 www.alitalkia.it
    127.0.0.1 alitaloia.it
    127.0.0.1 www.alitaloia.it
    127.0.0.1 alitaluia.it
    127.0.0.1 www.alitaluia.it
    127.0.0.1 alitaslia.it
    127.0.0.1 www.alitaslia.it
    127.0.0.1 alitlia.it
    127.0.0.1 www.alitlia.it
    127.0.0.1 alitralia.it
    127.0.0.1 www.alitralia.it
    127.0.0.1 alitsalia.it
    127.0.0.1 www.alitsalia.it
    127.0.0.1 aliutalia.it
    127.0.0.1 www.aliutalia.it
    127.0.0.1 ALL1COUNT.NET
    127.0.0.1 www.ALL1COUNT.NET
    127.0.0.1 all4internet.com
    127.0.0.1 www.all4internet.com
    127.0.0.1 allabtcars.com
    127.0.0.1 allabtjeeps.com
    127.0.0.1 all-bittorrent.com
    127.0.0.1 www.all-bittorrent.com
    127.0.0.1 www.allcybersearch.com
    127.0.0.1 allcybersearch.com
    127.0.0.1 alldnserrors.com
    127.0.0.1 www.alldnserrors.com
    127.0.0.1 all-downloads-now.com
    127.0.0.1 www.all-downloads-now.com
    127.0.0.1 all-edonkey.com
    127.0.0.1 www.all-edonkey.com
    127.0.0.1 allforadult.com
    127.0.0.1 allhyperlinks.com
    127.0.0.1 alliesecurity.com
    127.0.0.1 www.alliesecurity.com
    127.0.0.1 all-inet.com
    127.0.0.1 allinternetbusiness.com
    127.0.0.1 all-limewire.com
    127.0.0.1 www.all-limewire.com
    127.0.0.1 allmegabucks.com
    127.0.0.1 www.allmegabucks.com
    127.0.0.1 allprotections.com
    127.0.0.1 www.allprotections.com
    127.0.0.1 allresultz.net
    127.0.0.1 www.allresultz.net
    127.0.0.1 allsecuritynotes.com
    127.0.0.1 www.allsecuritynotes.com
    127.0.0.1 allsecuritysite.com
    127.0.0.1 www.allsecuritysite.com
    127.0.0.1 allstarsvideos.net
    127.0.0.1 www.allstarsvideos.net
    127.0.0.1 alltruesoftware.com
    127.0.0.1 www.alltruesoftware.com
    127.0.0.1 allvideoactivex.com
    127.0.0.1 www.allvideoactivex.com
    127.0.0.1 almanah.biz
    127.0.0.1 www.almanah.biz
    127.0.0.1 almarvideos.com
    127.0.0.1 aloitalia.it
    127.0.0.1 www.aloitalia.it
    127.0.0.1 aluitalia.it
    127.0.0.1 www.aluitalia.it
    127.0.0.1 amaena.com
    127.0.0.1 www.amaena.com
    127.0.0.1 amandamountains.com
    127.0.0.1 amateurliveshow.com
    127.0.0.1 www.amateurliveshow.com
    127.0.0.1 amediasoftware.com
    127.0.0.1 www.amediasoftware.com
    127.0.0.1 amediasource.com
    127.0.0.1 www.amediasource.com
    127.0.0.1 americancarbargains.com
    127.0.0.1 www.americancarbargains.com
    127.0.0.1 american-teens.net
    127.0.0.1 amigeek.com
    127.0.0.1 amisbusiness.com
    127.0.0.1 ampmsearch.com
    127.0.0.1 www.ampmsearch.com
    127.0.0.1 analcord.com
    127.0.0.1 www.analcord.com
    127.0.0.1 analmovi.com
    127.0.0.1 anarchylolita.com
    127.0.0.1 www.anarchylolita.com
    127.0.0.1 anarchyporn.com
    127.0.0.1 andromedical.com
    127.0.0.1 www.andromedical.com
    127.0.0.1 animepornmag.com
    127.0.0.1 www.animepornmag.com
    127.0.0.1 anin.org
    127.0.0.1 anjpn-avxiz.biz
    127.0.0.1 www.anjpn-avxiz.biz
    127.0.0.1 anjpnzqav.biz
    127.0.0.1 www.anjpnzqav.biz
    127.0.0.1 anjpn-zqav.biz
    127.0.0.1 www.anjpn-zqav.biz
    127.0.0.1 annaromeo.com
    127.0.0.1 antiddos.us
    127.0.0.1 www.antiddos.us
    127.0.0.1 Antiespiadorado.com
    127.0.0.1 www.Antiespiadorado.com
    127.0.0.1 Antiespionspack.com
    127.0.0.1 www.Antiespionspack.com
    127.0.0.1 Antigusanos2008.com
    127.0.0.1 www.Antigusanos2008.com
    127.0.0.1 Antispionage.com
    127.0.0.1 www.Antispionage.com
    127.0.0.1 Antispionagepro.com
    127.0.0.1 www.Antispionagepro.com
    127.0.0.1 antispydns.biz
    127.0.0.1 www.antispydns.biz
    127.0.0.1 antispylab.com
    127.0.0.1 www.antispylab.com
    127.0.0.1 antispysolutions.com
    127.0.0.1 www.antispysolutions.com
    127.0.0.1 antispyware.com
    127.0.0.1 www.antispyware.com
    127.0.0.1 antispywarebot.com
    127.0.0.1 www.antispywarebot.com
    127.0.0.1 antispywarebox.com
    127.0.0.1 www.antispywarebox.com
    127.0.0.1 antispywaredownloads.com
    127.0.0.1 www.antispywaredownloads.com
    127.0.0.1 Antispywaresuite.com
    127.0.0.1 www.Antispywaresuite.com
    127.0.0.1 Antispyweb.net
    127.0.0.1 www.Antispyweb.net
    127.0.0.1 Antiver2008.com
    127.0.0.1 www.Antiver2008.com
    127.0.0.1 antivermins.com
    127.0.0.1 www.antivermins.com
    127.0.0.1 anti-vermins.com
    127.0.0.1 www.anti-vermins.com
    127.0.0.1 antivir2007.com
    127.0.0.1 www.antivir2007.com
    127.0.0.1 antivirgear.com
    127.0.0.1 www.antivirgear.com
    127.0.0.1 antivirus.fastfreedownload.com
    127.0.0.1 www.antivirus.fastfreedownload.com
    127.0.0.1 antivirusgolden.com
    127.0.0.1 www.antivirusgolden.com
    127.0.0.1 antivirus-hq.net
    127.0.0.1 www.antivirus-hq.net
    127.0.0.1 anti-virus-pro.com
    127.0.0.1 www.anti-virus-pro.com
    127.0.0.1 antivirusprotector.com
    127.0.0.1 www.antivirusprotector.com
    127.0.0.1 antivirussecuritypro.com
    127.0.0.1 www.antivirussecuritypro.com
    127.0.0.1 antivirus-stop.com
    127.0.0.1 www.antivirus-stop.com
    127.0.0.1 Antiworm2008.com
    127.0.0.1 www.Antiworm2008.com
    127.0.0.1 Antiwurm2008.com
    127.0.0.1 www.Antiwurm2008.com
    127.0.0.1 antrocity.com
    127.0.0.1 anyofus.com
    127.0.0.1 www.anyofus.com
    127.0.0.1 anysn.seproger.com
    127.0.0.1 www.anysn.seproger.com
    127.0.0.1 anything4health.com
    127.0.0.1 apicpreview.com
    127.0.0.1 www.apicpreview.com
    127.0.0.1 appealcircuit.com
    127.0.0.1 www.appealcircuit.com
    127.0.0.1 approvedlinks.com
    127.0.0.1 www.approvedlinks.com
    127.0.0.1 apps.deskwizz.com
    127.0.0.1 apps.webservicehost.com
    127.0.0.1 aprotectedpage.com
    127.0.0.1 www.aprotectedpage.com
    127.0.0.1 apsua.com
    127.0.0.1 archiviosex.net
    127.0.0.1 www.archiviosex.net
    127.0.0.1 aregay.com
    127.0.0.1 ares-freebie.com
    127.0.0.1 www.ares-freebie.com
    127.0.0.1 arespro2007.com
    127.0.0.1 www.arespro2007.com
    127.0.0.1 aresultra.com
    127.0.0.1 www.aresultra.com
    127.0.0.1 ares-usa.com
    127.0.0.1 www.ares-usa.com
    127.0.0.1 arheo.com
    127.0.0.1 arizonaweb.org
    127.0.0.1 armitageinn.com
    127.0.0.1 arquivojpgs.smtp.ru
    127.0.0.1 www.arquivojpgs.smtp.ru
    127.0.0.1 artachnid.com
    127.0.0.1 art-func.com
    127.0.0.1 art-xxx.com
    127.0.0.1 asafebrowser.com
    127.0.0.1 www.asafebrowser.com
    127.0.0.1 asafetynotice.com
    127.0.0.1 www.asafetynotice.com
    127.0.0.1 asafetypage.com
    127.0.0.1 www.asafetypage.com
    127.0.0.1 asdbiz.biz
    127.0.0.1 www.asdbiz.biz
    127.0.0.1 asdeykuddq.com
    127.0.0.1 www.asdeykuddq.com
    127.0.0.1 asecurebar.com
    127.0.0.1 www.asecurebar.com
    127.0.0.1 asecureboard.com
    127.0.0.1 www.asecureboard.com
    127.0.0.1 asecurevalue.com
    127.0.0.1 www.asecurevalue.com
    127.0.0.1 asecurityissue.com
    127.0.0.1 www.asecurityissue.com
    127.0.0.1 asecuritynotice.com
    127.0.0.1 www.asecuritynotice.com
    127.0.0.1 asecuritypaper.com
    127.0.0.1 www.asecuritypaper.com
    127.0.0.1 asecuritystuff.com
    127.0.0.1 www.asecuritystuff.com
    127.0.0.1 asiankingkong.com
    127.0.0.1 asianpornmag.com
    127.0.0.1 www.asianpornmag.com
    127.0.0.1 asiantoolbar.com
    127.0.0.1 www.asiantoolbar.com
    127.0.0.1 asidseiupc.com
    127.0.0.1 www.asidseiupc.com
    127.0.0.1 aslitalia.it
    127.0.0.1 www.aslitalia.it
    127.0.0.1 ass-gals.com
    127.0.0.1 assureprotection.com
    127.0.0.1 www.assureprotection.com
    127.0.0.1 asta-killer.com
    127.0.0.1 asupereva.it
    127.0.0.1 www.asupereva.it
    127.0.0.1 athenrye.com
    127.0.0.1 atotalsafety.com
    127.0.0.1 www.atotalsafety.com
    127.0.0.1 atrueprotection.com
    127.0.0.1 www.atrueprotection.com
    127.0.0.1 atruesecurity.com
    127.0.0.1 www.atruesecurity.com
    127.0.0.1 attackware.com
    127.0.0.1 www.attackware.com
    127.0.0.1 attrezzi.biz
    127.0.0.1 www.attrezzi.biz
    127.0.0.1 aulde.net
    127.0.0.1 www.aulde.net
    127.0.0.1 aupereva.it
    127.0.0.1 www.aupereva.it
    127.0.0.1 autocontext.begun.ru
    127.0.0.1 www.autocontext.begun.ru
    127.0.0.1 autoescrowpay.com
    127.0.0.1 avast.free-software-center.com
    127.0.0.1 www.avast.free-software-center.com
    127.0.0.1 avast-2007.com
    127.0.0.1 www.avast-2007.com
    127.0.0.1 avast-downloads.com
    127.0.0.1 www.avast-downloads.com
    127.0.0.1 avast-hq.com
    127.0.0.1 www.avast-hq.com
    127.0.0.1 avforce.com
    127.0.0.1 www.avforce.com
    127.0.0.1 avg.grab-it-today.net
    127.0.0.1 www.avg.grab-it-today.net
    127.0.0.1 avg.softwarecenterz.com
    127.0.0.1 www.avg.softwarecenterz.com
    127.0.0.1 avg-secure.com
    127.0.0.1 www.avg-secure.com
    127.0.0.1 avian-ads.com
    127.0.0.1 avideoaxaccess.com
    127.0.0.1 www.avideoaxaccess.com
    127.0.0.1 avideosurfer.com
    127.0.0.1 www.avideosurfer.com
    127.0.0.1 aviewersoft.com
    127.0.0.1 www.aviewersoft.com
    127.0.0.1 avpcheckupdate.com
    127.0.0.1 www.avpcheckupdate.com
    127.0.0.1 avxizaaqada.biz
    127.0.0.1 www.avxizaaqada.biz
    127.0.0.1 avxiz-anjpn.biz
    127.0.0.1 www.avxiz-anjpn.biz
    127.0.0.1 avxizueorn.biz
    127.0.0.1 www.avxizueorn.biz
    127.0.0.1 avxiz-ueorn.biz
    127.0.0.1 www.avxiz-ueorn.biz
    127.0.0.1 avxiz-vtvcp.biz
    127.0.0.1 www.avxiz-vtvcp.biz
    127.0.0.1 avxiz-ygco.biz
    127.0.0.1 www.avxiz-ygco.biz
    127.0.0.1 avxiz-zqav.biz
    127.0.0.1 www.avxiz-zqav.biz
    127.0.0.1 awarninglist.com
    127.0.0.1 www.awarninglist.com
    127.0.0.1 awbeta.net-nucleus.com
    127.0.0.1 awesomehomepage.com
    127.0.0.1 www.awesomehomepage.com
    127.0.0.1 awmcash.biz
    127.0.0.1 awmdabest.com
    127.0.0.1 axemediasoftware.com
    127.0.0.1 www.axemediasoftware.com
    127.0.0.1 aximageobject.com
    127.0.0.1 www.aximageobject.com
    127.0.0.1 axmediaproject.com
    127.0.0.1 www.axmediaproject.com
    127.0.0.1 axmediasoftware.com
    127.0.0.1 www.axmediasoftware.com
    127.0.0.1 axmediasolutions.com
    127.0.0.1 www.axmediasolutions.com
    127.0.0.1 axobjectpage.com
    127.0.0.1 www.axobjectpage.com
    127.0.0.1 axobjectsource.com
    127.0.0.1 www.axobjectsource.com
    127.0.0.1 axsoftwaretool.com
    127.0.0.1 www.axsoftwaretool.com
    127.0.0.1 axvideoproject.com
    127.0.0.1 www.axvideoproject.com
    127.0.0.1 axvideosetup.com
    127.0.0.1 www.axvideosetup.com
    127.0.0.1 ayakawamura.com
    127.0.0.1 ayb.dns-look-up.com
    127.0.0.1 ayb.netbios-wait.com
    127.0.0.1 ayumitaniguchi.com
    127.0.0.1 azebar.com
    127.0.0.1 azureusclub.com
    127.0.0.1 www.azureusclub.com
    127.0.0.1 azureus-freebie.com
    127.0.0.1 www.azureus-freebie.com
    127.0.0.1 azzetta.it
    127.0.0.1 www.azzetta.it
    127.0.0.1 b.casalemedia.com
    127.0.0.1 babe.k-lined.com
    127.0.0.1 www.babe.k-lined.com
    127.0.0.1 babe.the-killer.bz
    127.0.0.1 www.babe.the-killer.bz
    127.0.0.1 babenet.com
    127.0.0.1 www.babenet.com
    127.0.0.1 babespornmag.com
    127.0.0.1 www.babespornmag.com
    127.0.0.1 babeweb.de
    127.0.0.1 www.babeweb.de
    127.0.0.1 baccarat-other.info
    127.0.0.1 www.baccarat-other.info
    127.0.0.1 Backstripgirls.com
    127.0.0.1 www.Backstripgirls.com
    127.0.0.1 backup.mabou.org
    127.0.0.1 balotierra.com
    127.0.0.1 www.balotierra.com
    127.0.0.1 bannedhost.net
    127.0.0.1 barbudafarms.com
    127.0.0.1 bardownload.com
    127.0.0.1 www.bardownload.com
    127.0.0.1 barnandfence.com
    127.0.0.1 batsearch.com
    127.0.0.1 baygraphicsllc.com
    127.0.0.1 bbbsearch.com
    127.0.0.1 bb-search.com
    127.0.0.1 bdsmlibrary.net
    127.0.0.1 bdsmpornmag.com
    127.0.0.1 www.bdsmpornmag.com
    127.0.0.1 bearshare.download-me.info
    127.0.0.1 www.bearshare.download-me.info
    127.0.0.1 bearshare.mp3-muzic.com
    127.0.0.1 www.bearshare.mp3-muzic.com
    127.0.0.1 bearshare-download.org
    127.0.0.1 www.bearshare-download.org
    127.0.0.1 bearshare-downloads.net
    127.0.0.1 www.bearshare-downloads.net
    127.0.0.1 bearsharelive.co.uk
    127.0.0.1 www.bearsharelive.co.uk
    127.0.0.1 bearshare-music-downloads.com
    127.0.0.1 www.bearshare-music-downloads.com
    127.0.0.1 bearsharepro2007.com
    127.0.0.1 www.bearsharepro2007.com
    127.0.0.1 bearshare-usa.com
    127.0.0.1 www.bearshare-usa.com
    127.0.0.1 bedhome.com
    127.0.0.1 bediadance.com
    127.0.0.1 beebappyy.biz
    127.0.0.1 www.beebappyy.biz
    127.0.0.1 begin2search.com
    127.0.0.1 www.begin2search.com
    127.0.0.1 bellabasketsfl.com
    127.0.0.1 bernaolatwin.com
    127.0.0.1 best-counter.com
    127.0.0.1 bestcrawler.com
    127.0.0.1 bestfor.ru
    127.0.0.1 best-hardpics.com
    127.0.0.1 bestmanage.org
    127.0.0.1 www.bestmanage.org
    127.0.0.1 bestmanage0.org
    127.0.0.1 www.bestmanage0.org
    127.0.0.1 bestmanage1.org
    127.0.0.1 www.bestmanage1.org
    127.0.0.1 bestmanage2.org
    127.0.0.1 www.bestmanage2.org
    127.0.0.1 bestmanage3.org
    127.0.0.1 www.bestmanage3.org
    127.0.0.1 bestmanage4.org
    127.0.0.1 www.bestmanage4.org
    127.0.0.1 bestmanage5.org
    127.0.0.1 www.bestmanage5.org
    127.0.0.1 bestmanage6.org
    127.0.0.1 www.bestmanage6.org
    127.0.0.1 bestmanage7.org
    127.0.0.1 www.bestmanage7.org
    127.0.0.1 bestmanage8.org
    127.0.0.1 www.bestmanage8.org
    127.0.0.1 bestmanage9.org
    127.0.0.1 www.bestmanage9.org
    127.0.0.1 bestporngate.com
    127.0.0.1 bestsafetyguide.net
    127.0.0.1 www.bestsafetyguide.net
    127.0.0.1 best-spyware.info
    127.0.0.1 www.best-spyware.info
    127.0.0.1 best-targeted-traffic.com
    127.0.0.1 www.best-targeted-traffic.com
    127.0.0.1 best-voyeur.info
    127.0.0.1 www.best-voyeur.info
    127.0.0.1 bestweblinks.com
    127.0.0.1 best-winning-casino.com
    127.0.0.1 bestworldgirls-for-u.net
    127.0.0.1 www.bestworldgirls-for-u.net
    127.0.0.1 bestxporno.com
    127.0.0.1 bettersearch.biz
    127.0.0.1 www.bettersearch.biz
    127.0.0.1 bgazzetta.it
    127.0.0.1 www.bgazzetta.it
    127.0.0.1 bgoogle.it
    127.0.0.1 www.bgoogle.it
    127.0.0.1 bigtrafficnetwork.com
    127.0.0.1 www.bigtrafficnetwork.com
    127.0.0.1 bigwww.com
    127.0.0.1 www.bigwww.com
    127.0.0.1 bins.media-motor.net
    127.0.0.1 bins2.media-motor.net
    127.0.0.1 bis.180solutions.com
    127.0.0.1 bitchesonline.net
    127.0.0.1 bitcomet-freebie.com
    127.0.0.1 www.bitcomet-freebie.com
    127.0.0.1 biz.biz
    127.0.0.1 blackblues00.com
    127.0.0.1 www.blackblues00.com
    127.0.0.1 blackhats.tc
    127.0.0.1 www.blackhats.tc
    127.0.0.1 blackhawksoftware.com
    127.0.0.1 www.blackhawksoftware.com
    127.0.0.1 blackjack-free.net
    127.0.0.1 blazefind.com
    127.0.0.1 blender.xu.pl
    127.0.0.1 blondetgp.com
    127.0.0.1 blue-elefant.com
    127.0.0.1 www.blue-elefant.com
    127.0.0.1 bm.theaimonline.com
    127.0.0.1 www.bm.theaimonline.com
    127.0.0.1 bnmgate.com
    127.0.0.1 www.bnmgate.com
    127.0.0.1 bodaciousbabette.com
    127.0.0.1 bonzi.com
    127.0.0.1 www.bonzi.com
    127.0.0.1 boobdoll.com
    127.0.0.1 boobsandtits.com
    127.0.0.1 boobsclub.com
    127.0.0.1 bookedspace.com
    127.0.0.1 www.bookedspace.com
    127.0.0.1 boom.com.vn
    127.0.0.1 www.boom.com.vn
    127.0.0.1 boredlife.com
    127.0.0.1 bowlofogumbo.com
    127.0.0.1 bpfq02.com
    127.0.0.1 www.bpfq02.com
    127.0.0.1 bqgate.com
    127.0.0.1 www.bqgate.com
    127.0.0.1 bradcoem.org
    127.0.0.1 braincodec.com
    127.0.0.1 www.braincodec.com
    127.0.0.1 brandiyoung.com
    127.0.0.1 bravesentry.com
    127.0.0.1 www.bravesentry.com
    127.0.0.1 breenten.biz
    127.0.0.1 www.breenten.biz
    127.0.0.1 brodbfm.net
    127.0.0.1 www.brodbfm.net
    127.0.0.1 brookeburn.com
    127.0.0.1 browserwise.com
    127.0.0.1 www.browserwise.com
    127.0.0.1 bucps.com
    127.0.0.1 buhartes.info
    127.0.0.1 buldog-stats.com
    127.0.0.1 bullseye-network.com
    127.0.0.1 www.bullseye-network.com
    127.0.0.1 burgerkingbigscreen.com
    127.0.0.1 burnsrecyclinginc.com
    127.0.0.1 www.burnsrecyclinginc.com
    127.0.0.1 buscards.net
    127.0.0.1 bustyrussell.com
    127.0.0.1 busysearch.net
    127.0.0.1 www.busysearch.net
    127.0.0.1 buttejazz.org
    127.0.0.1 buy-find.info
    127.0.0.1 www.buy-find.info
    127.0.0.1 buyselldomain.net
    127.0.0.1 buytraff.biz
    127.0.0.1 www.buytraff.biz
    127.0.0.1 buz.ru
    127.0.0.1 bvirgilio.it
    127.0.0.1 www.bvirgilio.it
    127.0.0.1 c.centralmedia.ws
    127.0.0.1 c.enhance.com
    127.0.0.1 www.c.enhance.com
    127.0.0.1 c.goclick.com
    127.0.0.1 c4tdownload.com
    127.0.0.1 www.c4tdownload.com
    127.0.0.1 c5.www4free.info
    127.0.0.1 www.c5.www4free.info
    127.0.0.1 cache.surfaccuracy.com
    127.0.0.1 www.cache.surfaccuracy.com
    127.0.0.1 cache.ysbweb.com
    127.0.0.1 calcioturris.com
    127.0.0.1 calendaralerts.net
    127.0.0.1 www.calendaralerts.net
    127.0.0.1 cameouk.co.uk
    127.0.0.1 www.cameouk.co.uk
    127.0.0.1 cameup.com
    127.0.0.1 camouflageclothingonline.net
    127.0.0.1 www.camouflageclothingonline.net
    127.0.0.1 camup.net
    127.0.0.1 canberracricketcoaching.com
    127.0.0.1 candycantaloupes.com
    127.0.0.1 canidetect.org
    127.0.0.1 www.canidetect.org
    127.0.0.1 cantfind.com
    127.0.0.1 www.cantfind.com
    127.0.0.1 careers.dulcineasystems.net
    127.0.0.1 carsands.com
    127.0.0.1 carsrentals.net
    127.0.0.1 cartoes.uol.com.br
    127.0.0.1 casalemedia.com
    127.0.0.1 www.casalemedia.com
    127.0.0.1 cashdeluxe.net
    127.0.0.1 www.cashdeluxe.net
    127.0.0.1 cashengines.com
    127.0.0.1 www.cashengines.com
    127.0.0.1 cashsearch.biz
    127.0.0.1 cashsurfers.com
    127.0.0.1 www.cashsurfers.com
    127.0.0.1 CashUnlim.com
    127.0.0.1 www.CashUnlim.com
    127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
    127.0.0.1 casino2win.net
    127.0.0.1 casino-gambling-1.net
    127.0.0.1 casino-gambling-2.net
    127.0.0.1 casinomidas.net
    127.0.0.1 casinonline.net
    127.0.0.1 casino-onlines.net
    127.0.0.1 castingsamateur.com
    127.0.0.1 www.castingsamateur.com
    127.0.0.1 catallogue.com
    127.0.0.1 catch-dc.info
    127.0.0.1 www.catch-dc.info
    127.0.0.1 categories.mygeek.com
    127.0.0.1 catsss.da.ru
    127.0.0.1 caxa.ru
    127.0.0.1 cc.panet.org
    127.0.0.1 ccecaedbebfcaf.com
    127.0.0.1 www.ccecaedbebfcaf.com
    127.0.0.1 cclebali.org
    127.0.0.1 ccorriere.it
    127.0.0.1 www.ccorriere.it
    127.0.0.1 cdegate.com
    127.0.0.1 www.cdegate.com
    127.0.0.1 cdn.movies-etc.com
    127.0.0.1 cdn2.movies-etc.com
    127.0.0.1 cdorriere.it
    127.0.0.1 www.cdorriere.it
    127.0.0.1 ceewawires.org
    127.0.0.1 centralmedia.ws
    127.0.0.1 certumgroup.com
    127.0.0.1 cforriere.it
    127.0.0.1 www.cforriere.it
    127.0.0.1 check.jupitersatellites.biz
    127.0.0.1 www.check.jupitersatellites.biz
    127.0.0.1 checkin100.com
    127.0.0.1 www.checkin100.com
    127.0.0.1 checkssecurity.com
    127.0.0.1 www.checkssecurity.com
    127.0.0.1 chelancatering.com
    127.0.0.1 chenshijituan.com
    127.0.0.1 www.chenshijituan.com
    127.0.0.1 childrenvilla.com
    127.0.0.1 chips-4-free.com
    127.0.0.1 chrisswasey.com
    127.0.0.1 chriswallace.net
    127.0.0.1 cia-trjn.myvnc.com
    127.0.0.1 www.cia-trjn.myvnc.com
    127.0.0.1 ciorriere.it
    127.0.0.1 www.ciorriere.it
    127.0.0.1 cirriere.it
    127.0.0.1 www.cirriere.it
    127.0.0.1 ckick4thumbs.com
    127.0.0.1 cl55.biz
    127.0.0.1 clackamasliteraryreview.com
    127.0.0.1 cleansoftwares.com
    127.0.0.1 www.cleansoftwares.com
    127.0.0.1 clearsearch.cc
    127.0.0.1 clearsearch.net
    127.0.0.1 clickaire.com
    127.0.0.1 click-codec.com
    127.0.0.1 www.click-codec.com
    127.0.0.1 clickhere4search.com
    127.0.0.1 www.clickhere4search.com
    127.0.0.1 click-now.net
    127.0.0.1 clickspring.net
    127.0.0.1 www.clickspring.net
    127.0.0.1 click-to-download.com
    127.0.0.1 www.click-to-download.com
    127.0.0.1 clicktomakeasearch.com
    127.0.0.1 www.clicktomakeasearch.com
    127.0.0.1 clickyestoenter.net
    127.0.0.1 client.exeupdate.com
    127.0.0.1 client.myadultexplorer.com
    127.0.0.1 cliks.org
    127.0.0.1 www.cliks.org
    127.0.0.1 clorriere.it
    127.0.0.1 www.clorriere.it
    127.0.0.1 clrsch.com
    127.0.0.1 clubxxxvideo.com
    127.0.0.1 www.clubxxxvideo.com
    127.0.0.1 clusif.free.fr
    127.0.0.1 cmtapestry.com
    127.0.0.1 cnetadd.com
    127.0.0.1 www.cnetadd.com
    127.0.0.1 cnzz.com
    127.0.0.1 www.cnzz.com
    127.0.0.1 code.ignphrases.com
    127.0.0.1 codec.ninoa.com
    127.0.0.1 codecdvd.net
    127.0.0.1 www.codecdvd.net
    127.0.0.1 codec-fun.com
    127.0.0.1 www.codec-fun.com
    127.0.0.1 codecsoft.net
    127.0.0.1 www.codecsoft.net
    127.0.0.1 codrriere.it
    127.0.0.1 www.codrriere.it
    127.0.0.1 coeriere.it
    127.0.0.1 www.coeriere.it
    127.0.0.1 coerriere.it
    127.0.0.1 www.coerriere.it
    127.0.0.1 cofrriere.it
    127.0.0.1 www.cofrriere.it
    127.0.0.1 cogrriere.it
    127.0.0.1 www.cogrriere.it
    127.0.0.1 coirriere.it
    127.0.0.1 www.coirriere.it
    127.0.0.1 command.adservs.com
    127.0.0.1 www.commonname.com
    127.0.0.1 computerpcgames.net
    127.0.0.1 www.computerpcgames.net
    127.0.0.1 computerrecover.com
    127.0.0.1 www.computerrecover.com
    127.0.0.1 config.180solutions.com
    127.0.0.1 content.dollarrevenue.com
    127.0.0.1 www.content.dollarrevenue.com
    127.0.0.1 content.ireit.com
    127.0.0.1 www.content.ireit.com
    127.0.0.1 content.onerateld.com
    127.0.0.1 contentmatch.net
    127.0.0.1 www.contentmatch.net
    127.0.0.1 contra-virus.com
    127.0.0.1 www.contra-virus.com
    127.0.0.1 controlmeh.com
    127.0.0.1 www.controlmeh.com
    127.0.0.1 cooldeskalert.com
    127.0.0.1 www.cooldeskalert.com
    127.0.0.1 coolfetishsite.com
    127.0.0.1 coolfreehost.com
    127.0.0.1 coolfreepage.com
    127.0.0.1 coolfreepages.com
    127.0.0.1 cool-homepage.co
    127.0.0.1 cool-homepage.com
    127.0.0.1 coolmoneysearch.com
    127.0.0.1 coolpornsearch.com
    127.0.0.1 cool-search.net
    127.0.0.1 cool-search.netfartpost.com
    127.0.0.1 coolsearcher.info
    127.0.0.1 coolservecorp.net
    127.0.0.1 www.coolservecorp.net
    127.0.0.1 coolwebsearch.com
    127.0.0.1 www.coolwebsearch.com
    127.0.0.1 cool-web-search.com
    127.0.0.1 coolwebsearsh.com
    127.0.0.1 coolwwwsearch.com
    127.0.0.1 www.coolwwwsearch.com
    127.0.0.1 cool-xxx.net
    127.0.0.1 coorriere.it
    127.0.0.1 www.coorriere.it
    127.0.0.1 copmtraine.com
    127.0.0.1 coprriere.it
    127.0.0.1 www.coprriere.it
    127.0.0.1 core.psyche-evolution.com
    127.0.0.1 www.core.psyche-evolution.com
    127.0.0.1 coreiere.it
    127.0.0.1 www.coreiere.it
    127.0.0.1 coreriere.it
    127.0.0.1 www.coreriere.it
    127.0.0.1 corrdiere.it
    127.0.0.1 www.corrdiere.it
    127.0.0.1 correiere.it
    127.0.0.1 www.correiere.it
    127.0.0.1 corrfiere.it
    127.0.0.1 www.corrfiere.it
    127.0.0.1 corrgiere.it
    127.0.0.1 www.corrgiere.it
    127.0.0.1 corridere.it
    127.0.0.1 www.corridere.it
    127.0.0.1 corriedre.it
    127.0.0.1 www.corriedre.it
    127.0.0.1 corriee.it
    127.0.0.1 www.corriee.it
    127.0.0.1 corrieere.it
    127.0.0.1 www.corrieere.it
    127.0.0.1 corriefre.it
    127.0.0.1 www.corriefre.it
    127.0.0.1 corriegre.it
    127.0.0.1 www.corriegre.it
    127.0.0.1 corrierde.it
    127.0.0.1 www.corrierde.it
    127.0.0.1 corriered.it
    127.0.0.1 www.corriered.it
    127.0.0.1 corrieree.it
    127.0.0.1 www.corrieree.it
    127.0.0.1 corrieref.it
    127.0.0.1 www.corrieref.it
    127.0.0.1 corrierer.it
    127.0.0.1 www.corrierer.it
    127.0.0.1 corrieres.it
    127.0.0.1 www.corrieres.it
    127.0.0.1 corrierew.it
    127.0.0.1 www.corrierew.it
    127.0.0.1 corrierfe.it
    127.0.0.1 www.corrierfe.it
    127.0.0.1 corrierge.it
    127.0.0.1 www.corrierge.it
    127.0.0.1 corrierr.it
    127.0.0.1 www.corrierr.it
    127.0.0.1 corrierre.it
    127.0.0.1 www.corrierre.it
    127.0.0.1 corrierse.it
    127.0.0.1 www.corrierse.it
    127.0.0.1 corrierte.it
    127.0.0.1 www.corrierte.it
    127.0.0.1 corrierw.it
    127.0.0.1 www.corrierw.it
    127.0.0.1 corrierwe.it
    127.0.0.1 www.corrierwe.it
    127.0.0.1 corriesre.it
    127.0.0.1 www.corriesre.it
    127.0.0.1 corriete.it
    127.0.0.1 www.corriete.it
    127.0.0.1 corrietre.it
    127.0.0.1 www.corrietre.it
    127.0.0.1 corriewre.it
    127.0.0.1 www.corriewre.it
    127.0.0.1 corrifere.it
    127.0.0.1 www.corrifere.it
    127.0.0.1 corriiere.it
    127.0.0.1 www.corriiere.it
    127.0.0.1 corrilere.it
    127.0.0.1 www.corrilere.it
    127.0.0.1 corrioere.it
    127.0.0.1 www.corrioere.it
    127.0.0.1 corrire.it
    127.0.0.1 www.corrire.it
    127.0.0.1 corrirere.it
    127.0.0.1 www.corrirere.it
    127.0.0.1 corrirre.it
    127.0.0.1 www.corrirre.it
    127.0.0.1 corrisere.it
    127.0.0.1 www.corrisere.it
    127.0.0.1 corriuere.it
    127.0.0.1 www.corriuere.it
    127.0.0.1 corriwere.it
    127.0.0.1 www.corriwere.it
    127.0.0.1 corriwre.it
    127.0.0.1 www.corriwre.it
    127.0.0.1 corrliere.it
    127.0.0.1 www.corrliere.it
    127.0.0.1 corroere.it
    127.0.0.1 www.corroere.it
    127.0.0.1 corroiere.it
    127.0.0.1 www.corroiere.it
    127.0.0.1 corrriere.it
    127.0.0.1 www.corrriere.it
    127.0.0.1 corrtiere.it
    127.0.0.1 www.corrtiere.it
    127.0.0.1 corruere.it
    127.0.0.1 www.corruere.it
    127.0.0.1 corruiere.it
    127.0.0.1 www.corruiere.it
    127.0.0.1 cortiere.it
    127.0.0.1 www.cortiere.it
    127.0.0.1 cortriere.it
    127.0.0.1 www.cortriere.it
    127.0.0.1 costrike.com
    127.0.0.1 www.costrike.com
    127.0.0.1 cotriere.it
    127.0.0.1 www.cotriere.it
    127.0.0.1 cotrriere.it
    127.0.0.1 www.cotrriere.it
    127.0.0.1 couldnotfind.com
    127.0.0.1 count.cc
    127.0.0.1 count.hitscount.net
    127.0.0.1 count-all.com
    127.0.0.1 countdutycall.info
    127.0.0.1 www.countdutycall.info
    127.0.0.1 counter.sexmaniack.com
    127.0.0.1 cporriere.it
    127.0.0.1 www.cporriere.it
    127.0.0.1 cprriere.it
    127.0.0.1 www.cprriere.it
    127.0.0.1 cpvfeed.com
    127.0.0.1 cracks.me.uk
    127.0.0.1 cracks4all.com
    127.0.0.1 www.cracks4all.com
    127.0.0.1 crapsgold.info
    127.0.0.1 www.crapsgold.info
    127.0.0.1 Crazygirls-world.com
    127.0.0.1 crazywinnings.com
    127.0.0.1 www.crazywinnings.com
    127.0.0.1 creamedcutties.com
    127.0.0.1 createaccesskey.com
    127.0.0.1 www.createaccesskey.com
    127.0.0.1 creditsearchonline.com
    127.0.0.1 crestring.com
    127.0.0.1 crooder.com
    127.0.0.1 crriere.it
    127.0.0.1 www.crriere.it
    127.0.0.1 crystalysmedia.com
    127.0.0.1 www.crystalysmedia.com
    127.0.0.1 csx.adservs.com
    127.0.0.1 www.csx.adservs.com
    127.0.0.1 cts.180solutions.com
    127.0.0.1 cuisinartoven.com
    127.0.0.1 www.cuisinartoven.com
    127.0.0.1 curedc.info
    127.0.0.1 www.curedc.info
    127.0.0.1 curepcsolutions.com
    127.0.0.1 www.curepcsolutions.com
    127.0.0.1 curvedspaces.com
    127.0.0.1 cutadult.com
    127.0.0.1 www.cutadult.com
    127.0.0.1 cvirgilio.it
    127.0.0.1 www.cvirgilio.it
    127.0.0.1 cvorriere.it
    127.0.0.1 www.cvorriere.it
    127.0.0.1 cvs.jps.ru
    127.0.0.1 cvsymphony.com
    127.0.0.1 cxorriere.it
    127.0.0.1 www.cxorriere.it
    127.0.0.1 cyberrape.com
    127.0.0.1 www.cyberrape.com
    127.0.0.1 cydom.com
    127.0.0.1 cydoor.com
    127.0.0.1 www.cydoor.com
    127.0.0.1 daily-gals.com
    127.0.0.1 dailypornmag.com
    127.0.0.1 www.dailypornmag.com
    127.0.0.1 dailyteenspic.com
    127.0.0.1 dailytoolbar.com
    127.0.0.1 www.dailytoolbar.com
    127.0.0.1 dancingbabycd.com
    127.0.0.1 data-hoster.com
    127.0.0.1 www.data-hoster.com
    127.0.0.1 datanotary.com
    127.0.0.1 datareco.com
    127.0.0.1 dating-galaxy.info
    127.0.0.1 www.dating-galaxy.info
    127.0.0.1 dating-search.net
    127.0.0.1 davemarshall.org
    127.0.0.1 db105.com
    127.0.0.1 dbdecicated.com
    127.0.0.1 www.dbdecicated.com
    127.0.0.1 dbxcompany.com
    127.0.0.1 www.dbxcompany.com
    127.0.0.1 dcdl.dmcast.com
    127.0.0.1 dcfitusa.com
    127.0.0.1 dcorriere.it
    127.0.0.1 www.dcorriere.it
    127.0.0.1 dcurtis.com
    127.0.0.1 www.dcurtis.com
    127.0.0.1 dcww.dmcast.com
    127.0.0.1 de.ag
    127.0.0.1 de.drivecleaner.com
    127.0.0.1 de98.remsys.org
    127.0.0.1 debay.it
    127.0.0.1 www.debay.it
    127.0.0.1 dedmazay.3322.org
    127.0.0.1 dedsearch.com
    127.0.0.1 www.dedsearch.com
    127.0.0.1 defaultsearch.net
    127.0.0.1 Defensaantimalware.com
    127.0.0.1 www.Defensaantimalware.com
    127.0.0.1 deja-rue.com
    127.0.0.1 www.deja-rue.com
    127.0.0.1 derklaif.biz
    127.0.0.1 www.derklaif.biz
    127.0.0.1 derrari.it
    127.0.0.1 www.derrari.it
    127.0.0.1 desarrollocreativo.com
    127.0.0.1 deskbar.worldtostart.com
    127.0.0.1 www.deskbar.worldtostart.com
    127.0.0.1 deskwizz.com
    127.0.0.1 www.deskwizz.com
    127.0.0.1 dev.ntcor.com
    127.0.0.1 develip.com
    127.0.0.1 dewis.spb.ru
    127.0.0.1 dewis.us
    127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
    127.0.0.1 dgbusiness.com
    127.0.0.1 www.dgbusiness.com
    127.0.0.1 dialer2004.com
    127.0.0.1 dialerclub.com
    127.0.0.1 www.dialerclub.com
    127.0.0.1 dialer-shop.com
    127.0.0.1 www.dialer-shop.com
    127.0.0.1 dialoff.com
    127.0.0.1 www.dialoff.com
    127.0.0.1 did.i-used.cc
    127.0.0.1 www.did.i-used.cc
    127.0.0.1 dietpills4free.com
    127.0.0.1 dietpussy.com
    127.0.0.1 digikeygen.com
    127.0.0.1 www.digikeygen.com
    127.0.0.1 digistreamsa.com
    127.0.0.1 digitalcoders.net
    127.0.0.1 www.digitalcoders.net
    127.0.0.1 www.digitalfan.com
    127.0.0.1 digital-pornography.com
    127.0.0.1 dionforvalleycouncil.org
    127.0.0.1 directdvdpro.com
    127.0.0.1 www.directdvdpro.com
    127.0.0.1 directporta.info
    127.0.0.1 www.directporta.info
    127.0.0.1 directsearchzone.com
    127.0.0.1 www.directsearchzone.com
    127.0.0.1 dist.checkin100.com
    127.0.0.1 dl.ad-ware.cc
    127.0.0.1 dl.malwarewipe.com
    127.0.0.1 dl.targetsaver.com
    127.0.0.1 www.dl.targetsaver.com
    127.0.0.1 dl.web-nexus.net
    127.0.0.1 dl1.antivermins.com
    127.0.0.1 dl1.antivirgear.com
    127.0.0.1 dl1.spydawn.com
    127.0.0.1 dl1.virusprotectpro.com
    127.0.0.1 dl10.spyfalcon.com
    127.0.0.1 dl16.spyfalcon.com
    127.0.0.1 dl2.spyfalcon.com
    127.0.0.1 dl2.spyheal.com
    127.0.0.1 dl2.spywarestrike.com
    127.0.0.1 dl3.spyfalcon.com
    127.0.0.1 dl3.spyheal.com
    127.0.0.1 dl3.spywarestrike.com
    127.0.0.1 dl4.spyfalcon.com
    127.0.0.1 dl4.spywarestrike.com
    127.0.0.1 dl5.spyfalcon.com
    127.0.0.1 dl5.spywarestrike.com
    127.0.0.1 dl6.spywarestrike.com
    127.0.0.1 dl7.spywarestrike.com
    127.0.0.1 dl8.spyheal.com
    127.0.0.1 dl8.spywarestrike.com
    127.0.0.1 dl9.spyfalcon.com
    127.0.0.1 dmcast.com
    127.0.0.1 www.dmcast.com
    127.0.0.1 dnaads.com
    127.0.0.1 www.dnaads.com
    127.0.0.1 dnl.mabou.org
    127.0.0.1 dns-look-up.com
    127.0.0.1 www.dns-look-up.com
    127.0.0.1 doctorwaldron.com
    127.0.0.1 document-not-found.pornpic.org
    127.0.0.1 doggyaction.com
    127.0.0.1 dogproblemswebsite.com
    127.0.0.1 www.dogproblemswebsite.com
    127.0.0.1 doktorxxx.com
    127.0.0.1 dollarrevenue.com
    127.0.0.1 domaincar.com
    127.0.0.1 www.domaincar.com
    127.0.0.1 domains2003.net
    127.0.0.1 domains-for-you-online.com
    127.0.0.1 domain-your-registration.com
    127.0.0.1 domkrat.com
    127.0.0.1 dotcomtoolbar.com
    127.0.0.1 www.dotcomtoolbar.com
    127.0.0.1 down.136136.net
    127.0.0.1 download.abetterinternet.com
    127.0.0.1 download.antispywarebot.com
    127.0.0.1 www.download.antispywarebot.com
    127.0.0.1 download.bardownload.com
    127.0.0.1 www.download.bardownload.com
    127.0.0.1 download.bravesentry.com
    127.0.0.1 www.download.bravesentry.com
    127.0.0.1 download.jupitersatellites.biz
    127.0.0.1 www.download.jupitersatellites.biz
    127.0.0.1 download.searchtabs.net
    127.0.0.1 download.secureyournet.biz
    127.0.0.1 www.download.secureyournet.biz
    127.0.0.1 download.spyonthis.net
    127.0.0.1 download.spy-shredder.com
    127.0.0.1 download.winantivirus.com
    127.0.0.1 download10.spywarequake.com
    127.0.0.1 download11.spywarequake.com
    127.0.0.1 download12.spywarequake.com
    127.0.0.1 download13.spywarequake.com
    127.0.0.1 download15.spywarequake.com
    127.0.0.1 download2.spywarequake.com
    127.0.0.1 download-2007.com
    127.0.0.1 www.download-2007.com
    127.0.0.1 download3.spyaxe.com
    127.0.0.1 download3.spywarequake.com
    127.0.0.1 download4.spyaxe.com
    127.0.0.1 download4.spywarequake.com
    127.0.0.1 download5.spyaxe.com
    127.0.0.1 download5.spywarequake.com
    127.0.0.1 download6.spyaxe.com
    127.0.0.1 download7.spywarequake.com
    127.0.0.1 download8.spywarequake.com
    127.0.0.1 download9.spywarequake.com
    127.0.0.1 download-ad-aware.com
    127.0.0.1 www.download-ad-aware.com
    127.0.0.1 download-all-4-free.com
    127.0.0.1 www.download-all-4-free.com
    127.0.0.1 download-all-area.com
    127.0.0.1 www.download-all-area.com
    127.0.0.1 download-antivir.com
    127.0.0.1 www.download-antivir.com
    127.0.0.1 downloadanysong.com
    127.0.0.1 www.downloadanysong.com
    127.0.0.1 download-avast.com
    127.0.0.1 www.download-avast.com
    127.0.0.1 downloadcorporation.com
    127.0.0.1 www.downloadcorporation.com
    127.0.0.1 download-dvdshrink.com
    127.0.0.1 www.download-dvdshrink.com
    127.0.0.1 download-for-free.net
    127.0.0.1 www.download-for-free.net
    127.0.0.1 downloadfreesoft.com
    127.0.0.1 www.downloadfreesoft.com
    127.0.0.1 downloadfreeway.com
    127.0.0.1 www.downloadfreeway.com
    127.0.0.1 downloadimesh.com
    127.0.0.1 www.downloadimesh.com
    127.0.0.1 download-itunes-now.com
    127.0.0.1 www.download-itunes-now.com
    127.0.0.1 download-limewire.org
    127.0.0.1 www.download-limewire.org
    127.0.0.1 downloadlost.tv
    127.0.0.1 www.downloadlost.tv
    127.0.0.1 downloadmax.net
    127.0.0.1 www.downloadmax.net
    127.0.0.1 download-mcafee.com
    127.0.0.1 www.download-mcafee.com
    127.0.0.1 download-me.info
    127.0.0.1 downloadmediaax.com
    127.0.0.1 www.downloadmediaax.com
    127.0.0.1 downloadpics.net
    127.0.0.1 www.downloadpics.net
    127.0.0.1 download-real-player.com
    127.0.0.1 www.download-real-player.com
    127.0.0.1 downloads.180solutions.com
    127.0.0.1 downloads.adaware.cc
    127.0.0.1 downloadservicearea.com
    127.0.0.1 www.downloadservicearea.com
    127.0.0.1 downloads-free.org
    127.0.0.1 www.downloads-free.org
    127.0.0.1 downloadsglobe.com
    127.0.0.1 www.downloadsglobe.com
    127.0.0.1 download-this.us
    127.0.0.1 www.download-this.us
    127.0.0.1 download-trillian.com
    127.0.0.1 www.download-trillian.com
    127.0.0.1 downloadv3.com
    127.0.0.1 www.downloadv3.com
    127.0.0.1 downloadvax.com
    127.0.0.1 www.downloadvax.com
    127.0.0.1 download-windvd.com
    127.0.0.1 www.download-windvd.com
    127.0.0.1 download-winrar.com
    127.0.0.1 www.download-winrar.com
    127.0.0.1 downloadwi
    a b 8 Sécurité
    21 Janvier 2008 13:07:58

    Re,

    Télécharge R-Hosts.exe (de S!ri)
    Lance R-Hosts puis clique sur "Restaurer".
    Valide la modification en appuyant sur OK.

    Refais un scan LopS&D option 1.
    21 Janvier 2008 19:41:00

    Bonsoir,

    Voici le rapport, à savoir que lors de l'analyse de "Lop" mon anti-virus a détecté un cheval de troye Type Win_injectV...


    -----------------------------[ Lop S&D 2.0.6 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

    [ USER: RICHARD ] [ "C:\Program Files\Lop SD" ]

    [ 21/01/2008 | 19:32:00,82 ] [ LERICCI ]


    -------------[ Listing des dossiers dans Application Data ]------------

    [20/01/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [20/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [19/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [02/12/2007|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/12/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/11/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [22/11/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf
    [14/08/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [18/05/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [27/04/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [20/03/2007|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
    [30/12/2005|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [28/12/2005|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [27/11/2005|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [04/11/2005|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [19/10/2005|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA

    [30/12/2005|15:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/11/2005|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|11:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [04/11/2005|10:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [19/10/2005|14:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities


    [31/10/2006|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [31/10/2006|20:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\MetaProducts
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [28/02/2006|22:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    [19/01/2008|21:49] C:\DOCUME~1\RICHARD\APPLIC~1\..
    [19/01/2008|21:49] C:\DOCUME~1\RICHARD\APPLIC~1\.
    [19/01/2008|21:48] C:\DOCUME~1\RICHARD\APPLIC~1\wklnhst.dat
    [19/01/2008|00:58] C:\DOCUME~1\RICHARD\APPLIC~1\Graphisoft
    [11/12/2007|20:29] C:\DOCUME~1\RICHARD\APPLIC~1\Scr Bird Does
    [09/12/2007|15:18] C:\DOCUME~1\RICHARD\APPLIC~1\SecuROM
    [02/12/2007|19:40] C:\DOCUME~1\RICHARD\APPLIC~1\Real
    [30/11/2007|21:06] C:\DOCUME~1\RICHARD\APPLIC~1\Search Settings
    [30/11/2007|20:17] C:\DOCUME~1\RICHARD\APPLIC~1\dBpoweramp
    [30/11/2007|20:10] C:\DOCUME~1\RICHARD\APPLIC~1\AccurateRip
    [23/11/2007|20:38] C:\DOCUME~1\RICHARD\APPLIC~1\GDIPFONTCACHEV1.DAT
    [14/08/2007|13:54] C:\DOCUME~1\RICHARD\APPLIC~1\AVS4YOU
    [29/07/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Steinberg
    [09/07/2007|21:29] C:\DOCUME~1\RICHARD\APPLIC~1\Microsoft
    [04/06/2007|19:06] C:\DOCUME~1\RICHARD\APPLIC~1\IDS_COMPANY
    [18/05/2007|12:21] C:\DOCUME~1\RICHARD\APPLIC~1\AdobeUM
    [18/05/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Adobe
    [13/05/2007|09:40] C:\DOCUME~1\RICHARD\APPLIC~1\Help
    [28/04/2007|21:05] C:\DOCUME~1\RICHARD\APPLIC~1\DivX
    [28/04/2007|00:05] C:\DOCUME~1\RICHARD\APPLIC~1\vlc
    [09/04/2007|17:13] C:\DOCUME~1\RICHARD\APPLIC~1\Ahead
    [31/03/2007|12:17] C:\DOCUME~1\RICHARD\APPLIC~1\Nikon
    [28/03/2007|22:25] C:\DOCUME~1\RICHARD\APPLIC~1\Media Player Classic
    [25/03/2007|18:12] C:\DOCUME~1\RICHARD\APPLIC~1\MetaProducts
    [25/03/2007|15:19] C:\DOCUME~1\RICHARD\APPLIC~1\BitTorrent
    [25/03/2007|14:58] C:\DOCUME~1\RICHARD\APPLIC~1\Musicmatch
    [25/03/2007|14:53] C:\DOCUME~1\RICHARD\APPLIC~1\BitDownload
    [19/03/2007|20:47] C:\DOCUME~1\RICHARD\APPLIC~1\Google
    [07/03/2007|22:01] C:\DOCUME~1\RICHARD\APPLIC~1\EPSON
    [19/05/2006|11:41] C:\DOCUME~1\RICHARD\APPLIC~1\NeroDCTemplates
    [08/01/2006|22:59] C:\DOCUME~1\RICHARD\APPLIC~1\Logitech
    [30/12/2005|15:22] C:\DOCUME~1\RICHARD\APPLIC~1\AOL
    [04/11/2005|11:47] C:\DOCUME~1\RICHARD\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|10:17] C:\DOCUME~1\RICHARD\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\RICHARD\APPLIC~1\CyberLink
    [27/10/2005|00:15] C:\DOCUME~1\RICHARD\APPLIC~1\Sun
    [19/10/2005|14:48] C:\DOCUME~1\RICHARD\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\RICHARD\APPLIC~1\Identities

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/01/2008 09:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [21/01/2008 19:26][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [21/01/2008|19:32] C:\Program Files\Lop SD
    [20/01/2008|23:04] C:\Program Files\..
    [20/01/2008|23:04] C:\Program Files\.
    [20/01/2008|22:11] C:\Program Files\eMule
    [20/01/2008|11:48] C:\Program Files\Spybot - Search & Destroy
    [20/01/2008|09:55] C:\Program Files\Apple Software Update
    [19/01/2008|20:47] C:\Program Files\Trend Micro
    [19/01/2008|14:25] C:\Program Files\Java
    [19/01/2008|13:46] C:\Program Files\QuickTime
    [19/01/2008|01:14] C:\Program Files\Fichiers communs
    [19/01/2008|00:10] C:\Program Files\InstallShield Installation Information
    [05/01/2008|11:07] C:\Program Files\Micro Application
    [14/12/2007|17:34] C:\Program Files\Internet Explorer
    [09/12/2007|10:37] C:\Program Files\Avast4
    [02/12/2007|20:23] C:\Program Files\Google
    [02/12/2007|20:23] C:\Program Files\dBpowerAMP12.2
    [02/12/2007|20:18] C:\Program Files\K-Lite Codec Pack
    [02/12/2007|20:10] C:\Program Files\DivX
    [02/12/2007|20:03] C:\Program Files\Xvid
    [02/12/2007|19:44] C:\Program Files\Real Alternative
    [01/12/2007|11:33] C:\Program Files\Home Cinema
    [30/11/2007|20:38] C:\Program Files\Search Settings
    [30/11/2007|20:33] C:\Program Files\Free Audio Pack
    [25/11/2007|16:01] C:\Program Files\Multi_Media
    [24/11/2007|15:14] C:\Program Files\Windows NT
    [24/11/2007|15:04] C:\Program Files\AC3Filter
    [24/11/2007|13:12] C:\Program Files\Pando Networks
    [22/11/2007|19:56] C:\Program Files\Elaborate Bytes
    [19/11/2007|00:28] C:\Program Files\Attack on Pearl Harbor
    [06/11/2007|20:14] C:\Program Files\Windows Media Player
    [06/11/2007|20:08] C:\Program Files\Windows Media Connect 2
    [22/09/2007|09:30] C:\Program Files\Unlocker
    [16/09/2007|16:01] C:\Program Files\SUPER-Vid
    [15/08/2007|23:08] C:\Program Files\MSXML 6.0
    [14/08/2007|14:32] C:\Program Files\Haali
    [14/08/2007|14:31] C:\Program Files\Riam
    [14/08/2007|14:27] C:\Program Files\MKVtoolnix
    [14/08/2007|14:23] C:\Program Files\Ripp-it_AM
    [08/08/2007|08:36] C:\Program Files\eRightSoft
    [08/08/2007|08:36] C:\Program Files\SUPER-Vid‚o
    [29/07/2007|11:03] C:\Program Files\Steinberg
    [11/07/2007|17:08] C:\Program Files\emoticones.exe
    [11/07/2007|17:08] C:\Program Files\emoticones1_5.exe
    [16/06/2007|13:21] C:\Program Files\WinRAR
    [13/06/2007|19:24] C:\Program Files\Outlook Express
    [18/05/2007|20:36] C:\Program Files\DivX3.11a
    [14/05/2007|23:04] C:\Program Files\DVD Shrink
    [10/05/2007|22:55] C:\Program Files\Audacity
    [08/05/2007|10:26] C:\Program Files\RALINK
    [30/04/2007|09:08] C:\Program Files\MSBuild
    [30/04/2007|09:03] C:\Program Files\Reference Assemblies
    [28/04/2007|19:11] C:\Program Files\AviSynth 2.5
    [28/04/2007|00:03] C:\Program Files\Vid‚o-Lecteur
    [08/04/2007|10:42] C:\Program Files\Realtek
    [03/04/2007|00:09] C:\Program Files\Monkey's Audio
    [31/03/2007|19:08] C:\Program Files\Nikon
    [28/03/2007|22:25] C:\Program Files\KC Softwares
    [25/03/2007|18:12] C:\Program Files\Download Express
    [25/03/2007|14:59] C:\Program Files\Windows Media Connect
    [25/03/2007|14:58] C:\Program Files\MUSICMATCH
    [22/03/2007|18:51] C:\Program Files\EPSON
    [20/03/2007|21:29] C:\Program Files\MSN Messenger
    [20/03/2007|21:23] C:\Program Files\Uninstall Information
    [20/03/2007|00:59] C:\Program Files\MSXML 4.0
    [20/03/2007|00:20] C:\Program Files\Medion Info Display
    [20/03/2007|00:08] C:\Program Files\X10 Hardware
    [10/03/2007|10:59] C:\Program Files\Accel charg
    [07/03/2007|21:39] C:\Program Files\Microsoft Works
    [07/03/2007|21:39] C:\Program Files\Messenger
    [07/11/2006|21:15] C:\Program Files\Electronic Arts
    [11/07/2006|21:44] C:\Program Files\CyberLink
    [05/07/2006|19:12] C:\Program Files\YAMAHA
    [05/07/2006|19:12] C:\Program Files\Ahead
    [05/07/2006|19:12] C:\Program Files\Adobe
    [10/03/2006|22:27] C:\Program Files\Eidos Interactive
    [08/01/2006|22:56] C:\Program Files\Logitech
    [04/11/2005|11:47] C:\Program Files\Viewpoint
    [03/11/2005|18:35] C:\Program Files\Microsoft Works Suite 2006
    [26/10/2005|23:07] C:\Program Files\Common Files
    [19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
    [19/10/2005|20:52] C:\Program Files\Encarta
    [19/10/2005|20:44] C:\Program Files\Microsoft Office
    [19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
    [19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
    [19/10/2005|14:02] C:\Program Files\Intel
    [19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
    [19/10/2005|12:53] C:\Program Files\xerox
    [19/10/2005|12:53] C:\Program Files\microsoft frontpage
    [19/10/2005|12:52] C:\Program Files\Services en ligne
    [19/10/2005|12:52] C:\Program Files\NetMeeting
    [19/10/2005|12:52] C:\Program Files\Movie Maker
    [19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
    [19/10/2005|12:51] C:\Program Files\MSN
    [28/06/2005|11:22] C:\Program Files\vob2mpg.exe

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/01/2008|01:14] C:\Program Files\Fichiers communs\PC SOFT
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\..
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\.
    [14/08/2007|13:59] C:\Program Files\Fichiers communs\AVSMedia
    [14/08/2007|13:51] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2007|19:24] C:\Program Files\Fichiers communs\System
    [28/04/2007|13:16] C:\Program Files\Fichiers communs\muvee Technologies
    [27/04/2007|18:31] C:\Program Files\Fichiers communs\ODBC
    [31/03/2007|12:17] C:\Program Files\Fichiers communs\Nikon
    [05/07/2006|19:12] C:\Program Files\Fichiers communs\aolshare
    [28/01/2006|19:33] C:\Program Files\Fichiers communs\Adobe
    [08/01/2006|22:56] C:\Program Files\Fichiers communs\Logitech
    [30/12/2005|15:22] C:\Program Files\Fichiers communs\AOL
    [04/11/2005|11:47] C:\Program Files\Fichiers communs\Nullsoft
    [04/11/2005|11:41] C:\Program Files\Fichiers communs\InstallShield
    [19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
    [19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
    [19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
    [19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload
    C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload\Data
    C:\Program Files\Multi_Media
    C:\Program Files\Multi_Media\INSTALL.LOG
    C:\Program Files\Multi_Media\LanguagePack.xml
    C:\Program Files\Multi_Media\LocalSettings.txt
    C:\Program Files\Multi_Media\RadioPlayer
    C:\Program Files\Multi_Media\rss
    C:\Program Files\Multi_Media\tbMul1.dll
    C:\Program Files\Multi_Media\tbMult.dll
    C:\Program Files\Multi_Media\ThirdPartyComponents.xml
    C:\Program Files\Multi_Media\toolbar.cfg
    C:\Program Files\Multi_Media\UNWISE.EXE
    C:\Program Files\Multi_Media\update.xml

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\jugs bib bits]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\RICHARD\\APPLIC~1\\SCRBIR~1\\software64browse.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PollCamp"="C:\\DOCUME~1\\RICHARD\\APPLIC~1\\SCRBIR~1\\software64browse.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-21 19:34:15
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:943][Doss:109] C:\DOCUME~1\RICHARD\LOCALS~1\Temp
    /!\ [Fich:15140][Doss:29] C:\DOCUME~1\RICHARD\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:35:02,53 ]----------------------
    21 Janvier 2008 20:28:01

    A noter qu'aprés redémarrage, le message initial est réapparu!
    J'ai lancé Spybot que me dit "Bravo, il n'y a plus de mouchards!"
    ??
    a b 8 Sécurité
    21 Janvier 2008 22:38:35

    On n'a rien fait encore :) 

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    22 Janvier 2008 19:20:28

    Voici le rapport:


    -----------------------------[ Lop S&D 2.0.6 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

    [ USER: RICHARD ] [ "C:\Program Files\Lop SD" ]

    [ 22/01/2008 | 19:01:28,90 ] [ LERICCI ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Echec ! - C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload\Data
    Supprimé! - C:\Program Files\Multi_Media\INSTALL.LOG
    Supprimé! - C:\Program Files\Multi_Media\LanguagePack.xml
    Supprimé! - C:\Program Files\Multi_Media\LocalSettings.txt
    Echec ! - C:\Program Files\Multi_Media\RadioPlayer
    Echec ! - C:\Program Files\Multi_Media\rss
    Supprimé! - C:\Program Files\Multi_Media\tbMul1.dll
    Supprimé! - C:\Program Files\Multi_Media\tbMult.dll
    Supprimé! - C:\Program Files\Multi_Media\ThirdPartyComponents.xml
    Supprimé! - C:\Program Files\Multi_Media\toolbar.cfg
    Supprimé! - C:\Program Files\Multi_Media\UNWISE.EXE
    Supprimé! - C:\Program Files\Multi_Media\update.xml
    Supprimé! - C:\DOCUME~1\RICHARD\APPLIC~1\Bitdownload
    Supprimé! - C:\Program Files\Multi_Media
    Supprimé! - C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [20/01/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [20/01/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [20/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [19/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [02/12/2007|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/12/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/11/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [22/11/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf
    [14/08/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [18/05/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [27/04/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [20/03/2007|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
    [30/12/2005|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [28/12/2005|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [27/11/2005|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [04/11/2005|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [19/10/2005|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA

    [30/12/2005|15:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/11/2005|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|11:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [04/11/2005|10:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [19/10/2005|14:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities


    [31/10/2006|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [31/10/2006|20:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\MetaProducts
    [25/03/2007|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [28/02/2006|22:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    [22/01/2008|19:02] C:\DOCUME~1\RICHARD\APPLIC~1\..
    [22/01/2008|19:02] C:\DOCUME~1\RICHARD\APPLIC~1\.
    [19/01/2008|21:48] C:\DOCUME~1\RICHARD\APPLIC~1\wklnhst.dat
    [19/01/2008|00:58] C:\DOCUME~1\RICHARD\APPLIC~1\Graphisoft
    [09/12/2007|15:18] C:\DOCUME~1\RICHARD\APPLIC~1\SecuROM
    [02/12/2007|19:40] C:\DOCUME~1\RICHARD\APPLIC~1\Real
    [30/11/2007|21:06] C:\DOCUME~1\RICHARD\APPLIC~1\Search Settings
    [30/11/2007|20:17] C:\DOCUME~1\RICHARD\APPLIC~1\dBpoweramp
    [30/11/2007|20:10] C:\DOCUME~1\RICHARD\APPLIC~1\AccurateRip
    [23/11/2007|20:38] C:\DOCUME~1\RICHARD\APPLIC~1\GDIPFONTCACHEV1.DAT
    [14/08/2007|13:54] C:\DOCUME~1\RICHARD\APPLIC~1\AVS4YOU
    [29/07/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Steinberg
    [09/07/2007|21:29] C:\DOCUME~1\RICHARD\APPLIC~1\Microsoft
    [04/06/2007|19:06] C:\DOCUME~1\RICHARD\APPLIC~1\IDS_COMPANY
    [18/05/2007|12:21] C:\DOCUME~1\RICHARD\APPLIC~1\AdobeUM
    [18/05/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Adobe
    [13/05/2007|09:40] C:\DOCUME~1\RICHARD\APPLIC~1\Help
    [28/04/2007|21:05] C:\DOCUME~1\RICHARD\APPLIC~1\DivX
    [28/04/2007|00:05] C:\DOCUME~1\RICHARD\APPLIC~1\vlc
    [09/04/2007|17:13] C:\DOCUME~1\RICHARD\APPLIC~1\Ahead
    [31/03/2007|12:17] C:\DOCUME~1\RICHARD\APPLIC~1\Nikon
    [28/03/2007|22:25] C:\DOCUME~1\RICHARD\APPLIC~1\Media Player Classic
    [25/03/2007|18:12] C:\DOCUME~1\RICHARD\APPLIC~1\MetaProducts
    [25/03/2007|15:19] C:\DOCUME~1\RICHARD\APPLIC~1\BitTorrent
    [25/03/2007|14:58] C:\DOCUME~1\RICHARD\APPLIC~1\Musicmatch
    [19/03/2007|20:47] C:\DOCUME~1\RICHARD\APPLIC~1\Google
    [07/03/2007|22:01] C:\DOCUME~1\RICHARD\APPLIC~1\EPSON
    [19/05/2006|11:41] C:\DOCUME~1\RICHARD\APPLIC~1\NeroDCTemplates
    [08/01/2006|22:59] C:\DOCUME~1\RICHARD\APPLIC~1\Logitech
    [30/12/2005|15:22] C:\DOCUME~1\RICHARD\APPLIC~1\AOL
    [04/11/2005|11:47] C:\DOCUME~1\RICHARD\APPLIC~1\You've Got Pictures Screensaver
    [04/11/2005|10:17] C:\DOCUME~1\RICHARD\APPLIC~1\Macromedia
    [28/10/2005|21:40] C:\DOCUME~1\RICHARD\APPLIC~1\CyberLink
    [27/10/2005|00:15] C:\DOCUME~1\RICHARD\APPLIC~1\Sun
    [19/10/2005|14:48] C:\DOCUME~1\RICHARD\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\RICHARD\APPLIC~1\Identities

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/01/2008 09:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [22/01/2008 18:59][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [22/01/2008|19:02] C:\Program Files\Lop SD
    [22/01/2008|19:02] C:\Program Files\..
    [22/01/2008|19:02] C:\Program Files\.
    [21/01/2008|21:24] C:\Program Files\Accel charg
    [20/01/2008|22:11] C:\Program Files\eMule
    [20/01/2008|11:48] C:\Program Files\Spybot - Search & Destroy
    [20/01/2008|09:55] C:\Program Files\Apple Software Update
    [19/01/2008|20:47] C:\Program Files\Trend Micro
    [19/01/2008|14:25] C:\Program Files\Java
    [19/01/2008|13:46] C:\Program Files\QuickTime
    [19/01/2008|01:14] C:\Program Files\Fichiers communs
    [19/01/2008|00:10] C:\Program Files\InstallShield Installation Information
    [05/01/2008|11:07] C:\Program Files\Micro Application
    [14/12/2007|17:34] C:\Program Files\Internet Explorer
    [09/12/2007|10:37] C:\Program Files\Avast4
    [02/12/2007|20:23] C:\Program Files\Google
    [02/12/2007|20:23] C:\Program Files\dBpowerAMP12.2
    [02/12/2007|20:18] C:\Program Files\K-Lite Codec Pack
    [02/12/2007|20:10] C:\Program Files\DivX
    [02/12/2007|20:03] C:\Program Files\Xvid
    [02/12/2007|19:44] C:\Program Files\Real Alternative
    [01/12/2007|11:33] C:\Program Files\Home Cinema
    [30/11/2007|20:38] C:\Program Files\Search Settings
    [30/11/2007|20:33] C:\Program Files\Free Audio Pack
    [24/11/2007|15:14] C:\Program Files\Windows NT
    [24/11/2007|15:04] C:\Program Files\AC3Filter
    [24/11/2007|13:12] C:\Program Files\Pando Networks
    [22/11/2007|19:56] C:\Program Files\Elaborate Bytes
    [19/11/2007|00:28] C:\Program Files\Attack on Pearl Harbor
    [06/11/2007|20:14] C:\Program Files\Windows Media Player
    [06/11/2007|20:08] C:\Program Files\Windows Media Connect 2
    [22/09/2007|09:30] C:\Program Files\Unlocker
    [16/09/2007|16:01] C:\Program Files\SUPER-Vid
    [15/08/2007|23:08] C:\Program Files\MSXML 6.0
    [14/08/2007|14:32] C:\Program Files\Haali
    [14/08/2007|14:31] C:\Program Files\Riam
    [14/08/2007|14:27] C:\Program Files\MKVtoolnix
    [14/08/2007|14:23] C:\Program Files\Ripp-it_AM
    [08/08/2007|08:36] C:\Program Files\eRightSoft
    [08/08/2007|08:36] C:\Program Files\SUPER-Vid‚o
    [29/07/2007|11:03] C:\Program Files\Steinberg
    [11/07/2007|17:08] C:\Program Files\emoticones.exe
    [11/07/2007|17:08] C:\Program Files\emoticones1_5.exe
    [16/06/2007|13:21] C:\Program Files\WinRAR
    [13/06/2007|19:24] C:\Program Files\Outlook Express
    [18/05/2007|20:36] C:\Program Files\DivX3.11a
    [14/05/2007|23:04] C:\Program Files\DVD Shrink
    [10/05/2007|22:55] C:\Program Files\Audacity
    [08/05/2007|10:26] C:\Program Files\RALINK
    [30/04/2007|09:08] C:\Program Files\MSBuild
    [30/04/2007|09:03] C:\Program Files\Reference Assemblies
    [28/04/2007|19:11] C:\Program Files\AviSynth 2.5
    [28/04/2007|00:03] C:\Program Files\Vid‚o-Lecteur
    [08/04/2007|10:42] C:\Program Files\Realtek
    [03/04/2007|00:09] C:\Program Files\Monkey's Audio
    [31/03/2007|19:08] C:\Program Files\Nikon
    [28/03/2007|22:25] C:\Program Files\KC Softwares
    [25/03/2007|18:12] C:\Program Files\Download Express
    [25/03/2007|14:59] C:\Program Files\Windows Media Connect
    [25/03/2007|14:58] C:\Program Files\MUSICMATCH
    [22/03/2007|18:51] C:\Program Files\EPSON
    [20/03/2007|21:29] C:\Program Files\MSN Messenger
    [20/03/2007|21:23] C:\Program Files\Uninstall Information
    [20/03/2007|00:59] C:\Program Files\MSXML 4.0
    [20/03/2007|00:20] C:\Program Files\Medion Info Display
    [20/03/2007|00:08] C:\Program Files\X10 Hardware
    [07/03/2007|21:39] C:\Program Files\Microsoft Works
    [07/03/2007|21:39] C:\Program Files\Messenger
    [07/11/2006|21:15] C:\Program Files\Electronic Arts
    [11/07/2006|21:44] C:\Program Files\CyberLink
    [05/07/2006|19:12] C:\Program Files\YAMAHA
    [05/07/2006|19:12] C:\Program Files\Adobe
    [05/07/2006|19:12] C:\Program Files\Ahead
    [10/03/2006|22:27] C:\Program Files\Eidos Interactive
    [08/01/2006|22:56] C:\Program Files\Logitech
    [04/11/2005|11:47] C:\Program Files\Viewpoint
    [03/11/2005|18:35] C:\Program Files\Microsoft Works Suite 2006
    [26/10/2005|23:07] C:\Program Files\Common Files
    [19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
    [19/10/2005|20:52] C:\Program Files\Encarta
    [19/10/2005|20:44] C:\Program Files\Microsoft Office
    [19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
    [19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
    [19/10/2005|14:02] C:\Program Files\Intel
    [19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
    [19/10/2005|12:53] C:\Program Files\xerox
    [19/10/2005|12:53] C:\Program Files\microsoft frontpage
    [19/10/2005|12:52] C:\Program Files\Services en ligne
    [19/10/2005|12:52] C:\Program Files\NetMeeting
    [19/10/2005|12:52] C:\Program Files\Movie Maker
    [19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
    [19/10/2005|12:51] C:\Program Files\MSN
    [28/06/2005|11:22] C:\Program Files\vob2mpg.exe

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/01/2008|01:14] C:\Program Files\Fichiers communs\PC SOFT
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\..
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\.
    [14/08/2007|13:59] C:\Program Files\Fichiers communs\AVSMedia
    [14/08/2007|13:51] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2007|19:24] C:\Program Files\Fichiers communs\System
    [28/04/2007|13:16] C:\Program Files\Fichiers communs\muvee Technologies
    [27/04/2007|18:31] C:\Program Files\Fichiers communs\ODBC
    [31/03/2007|12:17] C:\Program Files\Fichiers communs\Nikon
    [05/07/2006|19:12] C:\Program Files\Fichiers communs\aolshare
    [28/01/2006|19:33] C:\Program Files\Fichiers communs\Adobe
    [08/01/2006|22:56] C:\Program Files\Fichiers communs\Logitech
    [30/12/2005|15:22] C:\Program Files\Fichiers communs\AOL
    [04/11/2005|11:47] C:\Program Files\Fichiers communs\Nullsoft
    [04/11/2005|11:41] C:\Program Files\Fichiers communs\InstallShield
    [19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
    [19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
    [19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
    [19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-22 19:03:59
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:944][Doss:109] C:\DOCUME~1\RICHARD\LOCALS~1\Temp
    /!\ [Fich:15178][Doss:29] C:\DOCUME~1\RICHARD\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:04:35,21 ]----------------------

    Après le lancement de « Lop », Avast m’a trouvé encore le même cheval de troye que la dernière fois : « botughfp » et Spybot m’informe d’une modif importante dans le registre:
    catégorie: System startup user entry
    élémemt: Pollcamp
    Ancienne valeur: C:\Document~1\Richard\Applic...\SCRBIR~1\software64browse.exe
    Dois je autoriser la modif?
    Merci
    a b 8 Sécurité
    22 Janvier 2008 19:27:13

    Refuse la modif'.
    Reposte un rapport Hijackthis.
    22 Janvier 2008 19:58:23

    Voili,

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:57:27, on 22/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Avast4\ashMaiSv.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\CmUCReye.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Medion Info Display\MdionLCM.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Avast4\ashChest.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\Media\csrss.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MedionVFD] "C:\Program Files\Medion Info Display\MdionLCM.exe"
    O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [DumpTeam] C:\WinDev 11\DumpTeam_Pack_v4.5a6.exe /S
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PollCamp] C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1\software64browse.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
    O15 - Trusted Zone: *.musicmatch.com
    O15 - Trusted Zone: *.musicmatch.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer = 84.103.237.141,86.64.145.141
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11850 bytes
    22 Janvier 2008 20:19:53

    Voici un second rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:18:18, on 22/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Avast4\ashMaiSv.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\CmUCReye.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Medion Info Display\MdionLCM.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\Media\csrss.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MedionVFD] "C:\Program Files\Medion Info Display\MdionLCM.exe"
    O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [DumpTeam] C:\WinDev 11\DumpTeam_Pack_v4.5a6.exe /S
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PollCamp] C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1\software64browse.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
    O15 - Trusted Zone: *.musicmatch.com
    O15 - Trusted Zone: *.musicmatch.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer = 84.103.237.141,86.64.145.141
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11681 bytes
    22 Janvier 2008 22:12:58

    Voici Doc!



    AntiVir PersonalEdition Classic
    Report file date: mardi 22 janvier 2008 21:08

    Scanning for 1063907 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: LERICCI

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:07:27
    ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 15/01/2008 20:07:27
    ANTIVIR3.VDF : 7.0.2.31 319488 Bytes 22/01/2008 20:07:27
    AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 22/01/2008 20:07:28
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 22/01/2008 20:07:28
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: E:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 22 janvier 2008 21:08

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'mim.exe' - '1' Module(s) have been scanned
    Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned
    Scan process 'RaConfig2500.exe' - '1' Module(s) have been scanned
    Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
    Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
    Scan process 'MMDiag.exe' - '1' Module(s) have been scanned
    Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'pando.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'qttask.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'SearchSettings.exe' - '1' Module(s) have been scanned
    Scan process 'VCDDaemon.exe' - '1' Module(s) have been scanned
    Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
    Scan process 'MdionLCM.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'mm_tray.exe' - '1' Module(s) have been scanned
    Scan process 'CNYHKey.exe' - '1' Module(s) have been scanned
    Scan process 'mHotkey.exe' - '1' Module(s) have been scanned
    Scan process 'CmUCREye.exe' - '1' Module(s) have been scanned
    Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'X10nets.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    50 processes with 50 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!
    Boot sector 'E:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '54' files ).


    Starting the file scan:

    Begin scan in 'C:\' <Programmes>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\RICHARD\Bureau\SmitfraudFix.exe
    [0] Archive type: RAR SFX (self extracting)
    --> SmitfraudFix\SmiUpdate.exe
    [DETECTION] Is the Trojan horse TR/VB.20480
    [INFO] The file was moved to '47ff4df0.qua'!
    C:\Documents and Settings\RICHARD\Bureau\SmitfraudFix\SmiUpdate.exe
    [DETECTION] Is the Trojan horse TR/VB.20480
    [INFO] The file was moved to '47ff4e24.qua'!
    C:\Documents and Settings\RICHARD\Mes documents\Logiciels et Co\Cubase\CD LOGICIEL AUDIO By Rageback\FRUITY LOOPS\effet-Plugins\PLUGINS VARIOS\Fruity.loops.3.56. .all.Plugins. .all.Sample.Packs. .all.Sou.ace
    [0] Archive type: ACE
    --> Fruity loops 3.56 + all Plugins + all Sample Packs + Manual espa¤ol\Plugins\Fruity Tracks v2.04-ZONE\file_id.diz
    [WARNING] Error creating the file
    --> Fruity loops 3.56 + all Plugins + all Sample Packs + Manual espa¤ol\Plugins\DreamStation.DXi_v1.0-PARADOX\file_id.diz
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\System Volume Information\_restore{E6C9CA23-D5A3-401C-B9B0-7C9F09E5F657}\RP300\A0048326.exe
    [0] Archive type: RAR SFX (self extracting)
    --> SmitfraudFix\SmiUpdate.exe
    [DETECTION] Is the Trojan horse TR/VB.20480
    [INFO] The file was moved to '47c65389.qua'!
    C:\System Volume Information\_restore{E6C9CA23-D5A3-401C-B9B0-7C9F09E5F657}\RP303\A0049103.exe
    [0] Archive type: RAR SFX (self extracting)
    --> SmitfraudFix\SmiUpdate.exe
    [DETECTION] Is the Trojan horse TR/VB.20480
    [INFO] The file was moved to '47c653a1.qua'!
    C:\System Volume Information\_restore{E6C9CA23-D5A3-401C-B9B0-7C9F09E5F657}\RP303\A0049104.exe
    [DETECTION] Is the Trojan horse TR/VB.20480
    [INFO] The file was moved to '47c653b0.qua'!
    Begin scan in 'D:\' <Fichiers + Sécurité>
    D:\Mes documents\My Pando Packages\Le google des serials et cracks - by les pandologues\CrackDown_1.exe
    [DETECTION] Contains suspicious code HEUR/Crypted
    [INFO] The file was moved to '47f75997.qua'!
    Begin scan in 'E:\' <RECOVER>


    End of the scan: mardi 22 janvier 2008 22:01
    Used time: 53:05 min

    The scan has been done completely.

    6690 Scanning directories
    350134 Files were scanned
    5 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    6 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    350129 Files not concerned
    8774 Archives were scanned
    5 Warnings
    325 Notes

    a b 8 Sécurité
    23 Janvier 2008 13:17:28

    Reposte un rapport Hijackthis.
    23 Janvier 2008 20:22:07

    Bonjour,

    Je viens d'avoir un message de Spybot, une modification du registre que j'ai refusé: Update de flashplayer!

    Voilà le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:19:29, on 23/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\system32\CmUCReye.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Medion Info Display\MdionLCM.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\Media\csrss.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MedionVFD] "C:\Program Files\Medion Info Display\MdionLCM.exe"
    O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [DumpTeam] C:\WinDev 11\DumpTeam_Pack_v4.5a6.exe /S
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PollCamp] C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1\software64browse.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
    O15 - Trusted Zone: *.musicmatch.com
    O15 - Trusted Zone: *.musicmatch.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer = 84.103.237.141,86.64.145.141
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11526 bytes
    a b 8 Sécurité
    23 Janvier 2008 20:38:16

    Supprime ta version de LopS&d puis recommence avec l'option 1.
    23 Janvier 2008 21:17:15

    Peux tu me donner le lien pour télécharger "Lop" Svp, il est où sur le site.....! Ca fait 10 minutes que je cherche!
    Merci
    23 Janvier 2008 21:19:36

    C'est bon, je l'ai!
    23 Janvier 2008 21:22:46

    Le voilà...pfou
    -----------------------------[ Lop S&D 2.1.3 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : RICHARD ] [ "C:\Program Files\Lop SD" ]
    [ 23/01/2008 | 21:19:53,50 ] [ PC : LERICCI ]
    [ MAJ : 23-01-2008 | 13:16 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [22/01/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [22/01/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [22/01/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [18/05/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [30/12/2005|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [20/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [19/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [22/01/2008|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [14/08/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [27/11/2005|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [19/10/2005|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/11/2007|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf
    [02/12/2007|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/04/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [28/12/2005|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [02/12/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    [27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/01/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [22/11/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/11/2005|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20/03/2007|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings

    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [30/12/2005|15:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [19/10/2005|14:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/11/2005|10:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/11/2005|11:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [04/11/2005|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
    [31/10/2006|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [31/10/2006|20:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [23/01/2008|20:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [23/01/2008|20:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [28/02/2006|22:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    [23/01/2008|20:25] C:\DOCUME~1\RICHARD\APPLIC~1\.
    [23/01/2008|20:25] C:\DOCUME~1\RICHARD\APPLIC~1\..
    [30/11/2007|20:10] C:\DOCUME~1\RICHARD\APPLIC~1\AccurateRip
    [18/05/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Adobe
    [18/05/2007|12:21] C:\DOCUME~1\RICHARD\APPLIC~1\AdobeUM
    [09/04/2007|17:13] C:\DOCUME~1\RICHARD\APPLIC~1\Ahead
    [30/12/2005|15:22] C:\DOCUME~1\RICHARD\APPLIC~1\AOL
    [14/08/2007|13:54] C:\DOCUME~1\RICHARD\APPLIC~1\AVS4YOU
    [25/03/2007|15:19] C:\DOCUME~1\RICHARD\APPLIC~1\BitTorrent
    [28/10/2005|21:40] C:\DOCUME~1\RICHARD\APPLIC~1\CyberLink
    [30/11/2007|20:17] C:\DOCUME~1\RICHARD\APPLIC~1\dBpoweramp
    [19/10/2005|14:48] C:\DOCUME~1\RICHARD\APPLIC~1\desktop.ini
    [28/04/2007|21:05] C:\DOCUME~1\RICHARD\APPLIC~1\DivX
    [07/03/2007|22:01] C:\DOCUME~1\RICHARD\APPLIC~1\EPSON
    [23/11/2007|20:38] C:\DOCUME~1\RICHARD\APPLIC~1\GDIPFONTCACHEV1.DAT
    [19/03/2007|20:47] C:\DOCUME~1\RICHARD\APPLIC~1\Google
    [19/01/2008|00:58] C:\DOCUME~1\RICHARD\APPLIC~1\Graphisoft
    [13/05/2007|09:40] C:\DOCUME~1\RICHARD\APPLIC~1\Help
    [19/10/2005|12:53] C:\DOCUME~1\RICHARD\APPLIC~1\Identities
    [04/06/2007|19:06] C:\DOCUME~1\RICHARD\APPLIC~1\IDS_COMPANY
    [08/01/2006|22:59] C:\DOCUME~1\RICHARD\APPLIC~1\Logitech
    [04/11/2005|10:17] C:\DOCUME~1\RICHARD\APPLIC~1\Macromedia
    [28/03/2007|22:25] C:\DOCUME~1\RICHARD\APPLIC~1\Media Player Classic
    [09/07/2007|21:29] C:\DOCUME~1\RICHARD\APPLIC~1\Microsoft
    [25/03/2007|14:58] C:\DOCUME~1\RICHARD\APPLIC~1\Musicmatch
    [19/05/2006|11:41] C:\DOCUME~1\RICHARD\APPLIC~1\NeroDCTemplates
    [31/03/2007|12:17] C:\DOCUME~1\RICHARD\APPLIC~1\Nikon
    [02/12/2007|19:40] C:\DOCUME~1\RICHARD\APPLIC~1\Real
    [30/11/2007|21:06] C:\DOCUME~1\RICHARD\APPLIC~1\Search Settings
    [09/12/2007|15:18] C:\DOCUME~1\RICHARD\APPLIC~1\SecuROM
    [29/07/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Steinberg
    [27/10/2005|00:15] C:\DOCUME~1\RICHARD\APPLIC~1\Sun
    [28/04/2007|00:05] C:\DOCUME~1\RICHARD\APPLIC~1\vlc
    [22/01/2008|19:54] C:\DOCUME~1\RICHARD\APPLIC~1\wklnhst.dat
    [04/11/2005|11:47] C:\DOCUME~1\RICHARD\APPLIC~1\You've Got Pictures Screensaver

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/01/2008 09:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
    [23/01/2008 21:00][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [23/01/2008|21:19] C:\Program Files\Lop SD
    [23/01/2008|21:00] C:\Program Files\Download Express
    [22/01/2008|21:04] C:\Program Files\Avira
    [22/01/2008|21:04] C:\Program Files\..
    [22/01/2008|21:04] C:\Program Files\.
    [22/01/2008|21:03] C:\Program Files\Avast4
    [21/01/2008|21:24] C:\Program Files\Accel charg
    [20/01/2008|22:11] C:\Program Files\eMule
    [20/01/2008|11:48] C:\Program Files\Spybot - Search & Destroy
    [20/01/2008|09:55] C:\Program Files\Apple Software Update
    [19/01/2008|20:47] C:\Program Files\Trend Micro
    [19/01/2008|14:25] C:\Program Files\Java
    [19/01/2008|13:46] C:\Program Files\QuickTime
    [19/01/2008|01:14] C:\Program Files\Fichiers communs
    [19/01/2008|00:10] C:\Program Files\InstallShield Installation Information
    [05/01/2008|11:07] C:\Program Files\Micro Application
    [14/12/2007|17:34] C:\Program Files\Internet Explorer
    [02/12/2007|20:23] C:\Program Files\Google
    [02/12/2007|20:23] C:\Program Files\dBpowerAMP12.2
    [02/12/2007|20:18] C:\Program Files\K-Lite Codec Pack
    [02/12/2007|20:10] C:\Program Files\DivX
    [02/12/2007|20:03] C:\Program Files\Xvid
    [02/12/2007|19:44] C:\Program Files\Real Alternative
    [01/12/2007|11:33] C:\Program Files\Home Cinema
    [30/11/2007|20:38] C:\Program Files\Search Settings
    [30/11/2007|20:33] C:\Program Files\Free Audio Pack
    [24/11/2007|15:14] C:\Program Files\Windows NT
    [24/11/2007|15:04] C:\Program Files\AC3Filter
    [24/11/2007|13:12] C:\Program Files\Pando Networks
    [22/11/2007|19:56] C:\Program Files\Elaborate Bytes
    [19/11/2007|00:28] C:\Program Files\Attack on Pearl Harbor
    [06/11/2007|20:14] C:\Program Files\Windows Media Player
    [06/11/2007|20:08] C:\Program Files\Windows Media Connect 2
    [22/09/2007|09:30] C:\Program Files\Unlocker
    [16/09/2007|16:01] C:\Program Files\SUPER-Vid
    [15/08/2007|23:08] C:\Program Files\MSXML 6.0
    [14/08/2007|14:32] C:\Program Files\Haali
    [14/08/2007|14:31] C:\Program Files\Riam
    [14/08/2007|14:27] C:\Program Files\MKVtoolnix
    [14/08/2007|14:23] C:\Program Files\Ripp-it_AM
    [08/08/2007|08:36] C:\Program Files\eRightSoft
    [08/08/2007|08:36] C:\Program Files\SUPER-Vid‚o
    [29/07/2007|11:03] C:\Program Files\Steinberg
    [11/07/2007|17:08] C:\Program Files\emoticones.exe
    [11/07/2007|17:08] C:\Program Files\emoticones1_5.exe
    [16/06/2007|13:21] C:\Program Files\WinRAR
    [13/06/2007|19:24] C:\Program Files\Outlook Express
    [18/05/2007|20:36] C:\Program Files\DivX3.11a
    [14/05/2007|23:04] C:\Program Files\DVD Shrink
    [10/05/2007|22:55] C:\Program Files\Audacity
    [08/05/2007|10:26] C:\Program Files\RALINK
    [30/04/2007|09:08] C:\Program Files\MSBuild
    [30/04/2007|09:03] C:\Program Files\Reference Assemblies
    [28/04/2007|19:11] C:\Program Files\AviSynth 2.5
    [28/04/2007|00:03] C:\Program Files\Vid‚o-Lecteur
    [08/04/2007|10:42] C:\Program Files\Realtek
    [03/04/2007|00:09] C:\Program Files\Monkey's Audio
    [31/03/2007|19:08] C:\Program Files\Nikon
    [28/03/2007|22:25] C:\Program Files\KC Softwares
    [25/03/2007|14:59] C:\Program Files\Windows Media Connect
    [25/03/2007|14:58] C:\Program Files\MUSICMATCH
    [22/03/2007|18:51] C:\Program Files\EPSON
    [20/03/2007|21:29] C:\Program Files\MSN Messenger
    [20/03/2007|21:23] C:\Program Files\Uninstall Information
    [20/03/2007|00:59] C:\Program Files\MSXML 4.0
    [20/03/2007|00:20] C:\Program Files\Medion Info Display
    [20/03/2007|00:08] C:\Program Files\X10 Hardware
    [07/03/2007|21:39] C:\Program Files\Microsoft Works
    [07/03/2007|21:39] C:\Program Files\Messenger
    [07/11/2006|21:15] C:\Program Files\Electronic Arts
    [11/07/2006|21:44] C:\Program Files\CyberLink
    [05/07/2006|19:12] C:\Program Files\YAMAHA
    [05/07/2006|19:12] C:\Program Files\Adobe
    [05/07/2006|19:12] C:\Program Files\Ahead
    [10/03/2006|22:27] C:\Program Files\Eidos Interactive
    [08/01/2006|22:56] C:\Program Files\Logitech
    [04/11/2005|11:47] C:\Program Files\Viewpoint
    [03/11/2005|18:35] C:\Program Files\Microsoft Works Suite 2006
    [26/10/2005|23:07] C:\Program Files\Common Files
    [19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
    [19/10/2005|20:52] C:\Program Files\Encarta
    [19/10/2005|20:44] C:\Program Files\Microsoft Office
    [19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
    [19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
    [19/10/2005|14:02] C:\Program Files\Intel
    [19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
    [19/10/2005|12:53] C:\Program Files\xerox
    [19/10/2005|12:53] C:\Program Files\microsoft frontpage
    [19/10/2005|12:52] C:\Program Files\Services en ligne
    [19/10/2005|12:52] C:\Program Files\NetMeeting
    [19/10/2005|12:52] C:\Program Files\Movie Maker
    [19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
    [19/10/2005|12:51] C:\Program Files\MSN
    [28/06/2005|11:22] C:\Program Files\vob2mpg.exe

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/01/2008|01:14] C:\Program Files\Fichiers communs\PC SOFT
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\..
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\.
    [14/08/2007|13:59] C:\Program Files\Fichiers communs\AVSMedia
    [14/08/2007|13:51] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2007|19:24] C:\Program Files\Fichiers communs\System
    [28/04/2007|13:16] C:\Program Files\Fichiers communs\muvee Technologies
    [27/04/2007|18:31] C:\Program Files\Fichiers communs\ODBC
    [31/03/2007|12:17] C:\Program Files\Fichiers communs\Nikon
    [05/07/2006|19:12] C:\Program Files\Fichiers communs\aolshare
    [28/01/2006|19:33] C:\Program Files\Fichiers communs\Adobe
    [08/01/2006|22:56] C:\Program Files\Fichiers communs\Logitech
    [30/12/2005|15:22] C:\Program Files\Fichiers communs\AOL
    [04/11/2005|11:47] C:\Program Files\Fichiers communs\Nullsoft
    [04/11/2005|11:41] C:\Program Files\Fichiers communs\InstallShield
    [19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
    [19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
    [19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
    [19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-23 21:21:12
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:952][Doss:109] C:\DOCUME~1\RICHARD\LOCALS~1\Temp
    /!\ [Fich:1298][Doss:0] C:\DOCUME~1\RICHARD\Cookies
    /!\ [Fich:15582][Doss:29] C:\DOCUME~1\RICHARD\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:21:36,15 ]----------------------
    23 Janvier 2008 21:37:51

    A savoir qu'il a détecté un trojan... encore le même: le "botughfp.dll"? Je l'ai supprimé.
    a b 8 Sécurité
    23 Janvier 2008 21:38:58

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    23 Janvier 2008 21:51:45

    Antivir découvre le trojan: supprimé!


    -----------------------------[ Lop S&D 2.1.3 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : RICHARD ] [ "C:\Program Files\Lop SD" ]
    [ 23/01/2008 | 21:48:53,73 ] [ PC : LERICCI ]
    [ MAJ : 23-01-2008 | 13:16 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flag Proc Win Deaf

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [23/01/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [23/01/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [22/01/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [18/05/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [30/12/2005|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [20/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [19/01/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [22/01/2008|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [14/08/2007|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [27/11/2005|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [19/10/2005|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [02/12/2007|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/04/2007|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [28/12/2005|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [02/12/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    [27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/01/2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [22/11/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [04/11/2005|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20/03/2007|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings

    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [04/11/2005|13:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [30/12/2005|15:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [19/10/2005|14:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/11/2005|10:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/11/2005|11:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
    [27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [04/11/2005|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [10/12/2005|23:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
    [31/10/2006|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [19/10/2005|12:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [31/10/2006|20:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [23/01/2008|20:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [23/01/2008|20:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [28/02/2006|22:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    [23/01/2008|20:25] C:\DOCUME~1\RICHARD\APPLIC~1\.
    [23/01/2008|20:25] C:\DOCUME~1\RICHARD\APPLIC~1\..
    [30/11/2007|20:10] C:\DOCUME~1\RICHARD\APPLIC~1\AccurateRip
    [18/05/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Adobe
    [18/05/2007|12:21] C:\DOCUME~1\RICHARD\APPLIC~1\AdobeUM
    [09/04/2007|17:13] C:\DOCUME~1\RICHARD\APPLIC~1\Ahead
    [30/12/2005|15:22] C:\DOCUME~1\RICHARD\APPLIC~1\AOL
    [14/08/2007|13:54] C:\DOCUME~1\RICHARD\APPLIC~1\AVS4YOU
    [25/03/2007|15:19] C:\DOCUME~1\RICHARD\APPLIC~1\BitTorrent
    [28/10/2005|21:40] C:\DOCUME~1\RICHARD\APPLIC~1\CyberLink
    [30/11/2007|20:17] C:\DOCUME~1\RICHARD\APPLIC~1\dBpoweramp
    [19/10/2005|14:48] C:\DOCUME~1\RICHARD\APPLIC~1\desktop.ini
    [28/04/2007|21:05] C:\DOCUME~1\RICHARD\APPLIC~1\DivX
    [07/03/2007|22:01] C:\DOCUME~1\RICHARD\APPLIC~1\EPSON
    [23/11/2007|20:38] C:\DOCUME~1\RICHARD\APPLIC~1\GDIPFONTCACHEV1.DAT
    [19/03/2007|20:47] C:\DOCUME~1\RICHARD\APPLIC~1\Google
    [19/01/2008|00:58] C:\DOCUME~1\RICHARD\APPLIC~1\Graphisoft
    [13/05/2007|09:40] C:\DOCUME~1\RICHARD\APPLIC~1\Help
    [19/10/2005|12:53] C:\DOCUME~1\RICHARD\APPLIC~1\Identities
    [04/06/2007|19:06] C:\DOCUME~1\RICHARD\APPLIC~1\IDS_COMPANY
    [08/01/2006|22:59] C:\DOCUME~1\RICHARD\APPLIC~1\Logitech
    [04/11/2005|10:17] C:\DOCUME~1\RICHARD\APPLIC~1\Macromedia
    [28/03/2007|22:25] C:\DOCUME~1\RICHARD\APPLIC~1\Media Player Classic
    [09/07/2007|21:29] C:\DOCUME~1\RICHARD\APPLIC~1\Microsoft
    [25/03/2007|14:58] C:\DOCUME~1\RICHARD\APPLIC~1\Musicmatch
    [19/05/2006|11:41] C:\DOCUME~1\RICHARD\APPLIC~1\NeroDCTemplates
    [31/03/2007|12:17] C:\DOCUME~1\RICHARD\APPLIC~1\Nikon
    [02/12/2007|19:40] C:\DOCUME~1\RICHARD\APPLIC~1\Real
    [30/11/2007|21:06] C:\DOCUME~1\RICHARD\APPLIC~1\Search Settings
    [09/12/2007|15:18] C:\DOCUME~1\RICHARD\APPLIC~1\SecuROM
    [29/07/2007|11:05] C:\DOCUME~1\RICHARD\APPLIC~1\Steinberg
    [27/10/2005|00:15] C:\DOCUME~1\RICHARD\APPLIC~1\Sun
    [28/04/2007|00:05] C:\DOCUME~1\RICHARD\APPLIC~1\vlc
    [22/01/2008|19:54] C:\DOCUME~1\RICHARD\APPLIC~1\wklnhst.dat
    [04/11/2005|11:47] C:\DOCUME~1\RICHARD\APPLIC~1\You've Got Pictures Screensaver

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/01/2008 09:55][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
    [23/01/2008 21:00][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [23/01/2008|21:49] C:\Program Files\Lop SD
    [23/01/2008|21:00] C:\Program Files\Download Express
    [22/01/2008|21:04] C:\Program Files\Avira
    [22/01/2008|21:04] C:\Program Files\..
    [22/01/2008|21:04] C:\Program Files\.
    [22/01/2008|21:03] C:\Program Files\Avast4
    [21/01/2008|21:24] C:\Program Files\Accel charg
    [20/01/2008|22:11] C:\Program Files\eMule
    [20/01/2008|11:48] C:\Program Files\Spybot - Search & Destroy
    [20/01/2008|09:55] C:\Program Files\Apple Software Update
    [19/01/2008|20:47] C:\Program Files\Trend Micro
    [19/01/2008|14:25] C:\Program Files\Java
    [19/01/2008|13:46] C:\Program Files\QuickTime
    [19/01/2008|01:14] C:\Program Files\Fichiers communs
    [19/01/2008|00:10] C:\Program Files\InstallShield Installation Information
    [05/01/2008|11:07] C:\Program Files\Micro Application
    [14/12/2007|17:34] C:\Program Files\Internet Explorer
    [02/12/2007|20:23] C:\Program Files\Google
    [02/12/2007|20:23] C:\Program Files\dBpowerAMP12.2
    [02/12/2007|20:18] C:\Program Files\K-Lite Codec Pack
    [02/12/2007|20:10] C:\Program Files\DivX
    [02/12/2007|20:03] C:\Program Files\Xvid
    [02/12/2007|19:44] C:\Program Files\Real Alternative
    [01/12/2007|11:33] C:\Program Files\Home Cinema
    [30/11/2007|20:38] C:\Program Files\Search Settings
    [30/11/2007|20:33] C:\Program Files\Free Audio Pack
    [24/11/2007|15:14] C:\Program Files\Windows NT
    [24/11/2007|15:04] C:\Program Files\AC3Filter
    [24/11/2007|13:12] C:\Program Files\Pando Networks
    [22/11/2007|19:56] C:\Program Files\Elaborate Bytes
    [19/11/2007|00:28] C:\Program Files\Attack on Pearl Harbor
    [06/11/2007|20:14] C:\Program Files\Windows Media Player
    [06/11/2007|20:08] C:\Program Files\Windows Media Connect 2
    [22/09/2007|09:30] C:\Program Files\Unlocker
    [16/09/2007|16:01] C:\Program Files\SUPER-Vid
    [15/08/2007|23:08] C:\Program Files\MSXML 6.0
    [14/08/2007|14:32] C:\Program Files\Haali
    [14/08/2007|14:31] C:\Program Files\Riam
    [14/08/2007|14:27] C:\Program Files\MKVtoolnix
    [14/08/2007|14:23] C:\Program Files\Ripp-it_AM
    [08/08/2007|08:36] C:\Program Files\eRightSoft
    [08/08/2007|08:36] C:\Program Files\SUPER-Vid‚o
    [29/07/2007|11:03] C:\Program Files\Steinberg
    [11/07/2007|17:08] C:\Program Files\emoticones.exe
    [11/07/2007|17:08] C:\Program Files\emoticones1_5.exe
    [16/06/2007|13:21] C:\Program Files\WinRAR
    [13/06/2007|19:24] C:\Program Files\Outlook Express
    [18/05/2007|20:36] C:\Program Files\DivX3.11a
    [14/05/2007|23:04] C:\Program Files\DVD Shrink
    [10/05/2007|22:55] C:\Program Files\Audacity
    [08/05/2007|10:26] C:\Program Files\RALINK
    [30/04/2007|09:08] C:\Program Files\MSBuild
    [30/04/2007|09:03] C:\Program Files\Reference Assemblies
    [28/04/2007|19:11] C:\Program Files\AviSynth 2.5
    [28/04/2007|00:03] C:\Program Files\Vid‚o-Lecteur
    [08/04/2007|10:42] C:\Program Files\Realtek
    [03/04/2007|00:09] C:\Program Files\Monkey's Audio
    [31/03/2007|19:08] C:\Program Files\Nikon
    [28/03/2007|22:25] C:\Program Files\KC Softwares
    [25/03/2007|14:59] C:\Program Files\Windows Media Connect
    [25/03/2007|14:58] C:\Program Files\MUSICMATCH
    [22/03/2007|18:51] C:\Program Files\EPSON
    [20/03/2007|21:29] C:\Program Files\MSN Messenger
    [20/03/2007|21:23] C:\Program Files\Uninstall Information
    [20/03/2007|00:59] C:\Program Files\MSXML 4.0
    [20/03/2007|00:20] C:\Program Files\Medion Info Display
    [20/03/2007|00:08] C:\Program Files\X10 Hardware
    [07/03/2007|21:39] C:\Program Files\Microsoft Works
    [07/03/2007|21:39] C:\Program Files\Messenger
    [07/11/2006|21:15] C:\Program Files\Electronic Arts
    [11/07/2006|21:44] C:\Program Files\CyberLink
    [05/07/2006|19:12] C:\Program Files\YAMAHA
    [05/07/2006|19:12] C:\Program Files\Adobe
    [05/07/2006|19:12] C:\Program Files\Ahead
    [10/03/2006|22:27] C:\Program Files\Eidos Interactive
    [08/01/2006|22:56] C:\Program Files\Logitech
    [04/11/2005|11:47] C:\Program Files\Viewpoint
    [03/11/2005|18:35] C:\Program Files\Microsoft Works Suite 2006
    [26/10/2005|23:07] C:\Program Files\Common Files
    [19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
    [19/10/2005|20:52] C:\Program Files\Encarta
    [19/10/2005|20:44] C:\Program Files\Microsoft Office
    [19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
    [19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
    [19/10/2005|14:02] C:\Program Files\Intel
    [19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
    [19/10/2005|12:53] C:\Program Files\xerox
    [19/10/2005|12:53] C:\Program Files\microsoft frontpage
    [19/10/2005|12:52] C:\Program Files\Services en ligne
    [19/10/2005|12:52] C:\Program Files\NetMeeting
    [19/10/2005|12:52] C:\Program Files\Movie Maker
    [19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
    [19/10/2005|12:51] C:\Program Files\MSN
    [28/06/2005|11:22] C:\Program Files\vob2mpg.exe

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/01/2008|01:14] C:\Program Files\Fichiers communs\PC SOFT
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\..
    [19/01/2008|01:14] C:\Program Files\Fichiers communs\.
    [14/08/2007|13:59] C:\Program Files\Fichiers communs\AVSMedia
    [14/08/2007|13:51] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2007|19:24] C:\Program Files\Fichiers communs\System
    [28/04/2007|13:16] C:\Program Files\Fichiers communs\muvee Technologies
    [27/04/2007|18:31] C:\Program Files\Fichiers communs\ODBC
    [31/03/2007|12:17] C:\Program Files\Fichiers communs\Nikon
    [05/07/2006|19:12] C:\Program Files\Fichiers communs\aolshare
    [28/01/2006|19:33] C:\Program Files\Fichiers communs\Adobe
    [08/01/2006|22:56] C:\Program Files\Fichiers communs\Logitech
    [30/12/2005|15:22] C:\Program Files\Fichiers communs\AOL
    [04/11/2005|11:47] C:\Program Files\Fichiers communs\Nullsoft
    [04/11/2005|11:41] C:\Program Files\Fichiers communs\InstallShield
    [19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
    [19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
    [19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
    [19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
    [19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
    [19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-23 21:49:47
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:952][Doss:109] C:\DOCUME~1\RICHARD\LOCALS~1\Temp
    /!\ [Fich:1298][Doss:0] C:\DOCUME~1\RICHARD\Cookies
    /!\ [Fich:15680][Doss:29] C:\DOCUME~1\RICHARD\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:50:09,96 ]----------------------
    a b 8 Sécurité
    23 Janvier 2008 21:53:27

    Mieux ?
    23 Janvier 2008 22:03:07

    Je viens de redémarrer...et non! pas mieux idem malheureusement.
    Que puis je faire Doc!
    a b 8 Sécurité
    24 Janvier 2008 13:12:25

    Reposte un rapport Hijackthis.
    24 Janvier 2008 21:06:03

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:04:49, on 24/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\CmUCReye.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Medion Info Display\MdionLCM.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?id=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    F2 - REG:system.ini: Shell=explorer.exe D:\WINDOWS\Media\csrss.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MedionVFD] "C:\Program Files\Medion Info Display\MdionLCM.exe"
    O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [DumpTeam] C:\WinDev 11\DumpTeam_Pack_v4.5a6.exe /S
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\pando.exe" /Minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PollCamp] C:\DOCUME~1\RICHARD\APPLIC~1\SCRBIR~1\software64browse.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
    O15 - Trusted Zone: *.musicmatch.com
    O15 - Trusted Zone: *.musicmatch.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D2F06B0D-1726-4BC8-B13D-08EFFE8C00D2}: NameServer = 84.103.237.141,86.64.145.141
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11494 bytes
    a b 8 Sécurité
    24 Janvier 2008 21:07:32

    Tu as réinstallé un programme récemment ?
    24 Janvier 2008 23:28:30

    C'est à dire depuis quand?

    Il y a une semaine avant que ce message "...csrss..." apparaisse, j'ai installé Windev 9 qui me demandait une clef...pour cela j'ai téléchargé "gaagle" (désinstallé aujourd'hui) et j'ai trouvé un crack type "Dump...v4" , il n'a pas fonctionné = Windev 9 est désinstallé!
    Installation du 11: Idem pas de clef, essai avec crack "Dump...v5.2"
    Windev 11 désinstallé!
    Installation de Archicad 11 ok mais pas possible de le lancer...il manque un fichier où il n'a pas trouvé? Je ne sais plus... donc désinstallation!

    Cela n'est pas aisé de connaître l'origine, mon ordi étant souvent allumé cette période et le système de présentant rien d'anormal.
    En effet, mon système m'est apparu plus long au démarrage, un peu plus lent ensuite, et "Paf" ce message pour la première fois le week end dernier.

    Si cela peut t'aider....enfin j'espère!

    Merci, à + tard.
    25 Janvier 2008 00:55:41

    Ca y est, j'ai réussi à le virer!

    Alors
    1/ J'ai nettoyé le Host

    2/J'ai ouvert LopS&d, option 2 = Aprés catchme, Antivir m'a trouvé TR/INJECT.MF que j'ai fait supprimé.

    2/ Je suis allé dans Gestionnaire des taches et j'ai arrêté le processus Winlogon

    3/ Il a redémarré et j'ai lancé Spybot qui a découvert un problème:
    Win32 = winlogon sous l'ancienne adresse: D:\Windows\media\csrss.exe
    J'ai fait corrigé.

    4/Ensuite redémarrer et rien rapidité, fluidité plus de message!

    J'espère que ce n'est pas un leur....restons optimistes!

    Merci beaucoup "Angeldark"...peut-être que j'aurais encore besoin de ton aide un de ces 4!

    Pourvu que ça dure!
    a+


    a b 8 Sécurité
    25 Janvier 2008 19:04:24

    Reposte quand même un rapport Hijackthis.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS