Se connecter / S'enregistrer
Votre question

[Résolu - Merci a Angeldark]Pub intempestives + Pc lent

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Janvier 2008 16:14:33

Bonjour a vous,

depuis quelques temps , mon ordinateur es devennu lent, de plus j'ai des fenetres publicitaires qui apparraissent sans que je ne le veuille.

Pourriez vous m'aider a resoudre ce probleme ? je n'ai pas envie de formater l'ordinateur pour resoudre le probleme . Et puis on ma dis que ici on s'occupait bien de ce genre de probleme .

Merci encore.

( je travaille trs souvent sur l'ordinateur . )

Autres pages sur : resolu merci angeldark pub intempestives lent

15 Janvier 2008 18:12:15

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:56, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9056 bytes


Voila, merci pour le temps que tu vas me consacrer .
Contenus similaires
a b 8 Sécurité
15 Janvier 2008 18:44:59

Re,

Télécharge Lop S&D.exe sur ton Bureau.
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
  • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    15 Janvier 2008 19:58:10

    Voila qui es fait :


    -----------------------------[ Lop S&D 2.0.5 ]---------------------------

    [ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    [ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]

    [ mar. 15/01/2008 | 19:20:47,56 ] [ ACERAL1715 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
    [20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
    [13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
    [13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
    [02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
    [28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
    [28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
    [01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
    [01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
    [30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
    [20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
    [18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
    [01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
    [01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
    [15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
    [16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
    [29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
    [07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
    [27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com


    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
    [10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla

    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.

    [24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

    [03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.

    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
    [22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
    [05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla

    [13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
    [13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
    [13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
    [13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
    [10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
    [28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
    [25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
    [24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
    [20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
    [22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
    [14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
    [01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
    [01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
    [18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
    [15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
    [13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
    [09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
    [29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
    [10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
    [15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
    [23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
    [01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
    [22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
    [22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
    [22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini


    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [15/01/2008 19:00][--ah-----] C:\WINDOWS\tasks\AA155DE8919ADADC.job
    [11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/01/2008|19:20] C:\Program Files\Lop SD
    [15/01/2008|19:18] C:\Program Files\..
    [15/01/2008|19:18] C:\Program Files\.
    [15/01/2008|18:25] C:\Program Files\Mozilla Firefox
    [13/01/2008|21:39] C:\Program Files\Trend Micro
    [13/01/2008|15:04] C:\Program Files\World of Warcraft
    [13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
    [13/01/2008|14:43] C:\Program Files\Babylon
    [13/01/2008|12:10] C:\Program Files\Blue comp media
    [13/01/2008|12:10] C:\Program Files\Circle Developement
    [13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
    [13/01/2008|11:29] C:\Program Files\PandoBar
    [13/01/2008|11:29] C:\Program Files\Internet Explorer
    [13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
    [13/01/2008|11:28] C:\Program Files\id Software
    [13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
    [31/12/2007|12:07] C:\Program Files\wow fun
    [10/12/2007|21:56] C:\Program Files\Pando Networks
    [30/11/2007|19:08] C:\Program Files\Adverts
    [30/11/2007|18:36] C:\Program Files\Windows Live
    [29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
    [28/11/2007|23:20] C:\Program Files\VDMSound
    [28/11/2007|18:34] C:\Program Files\Sony Ericsson
    [28/11/2007|18:21] C:\Program Files\Fichiers communs
    [28/11/2007|18:18] C:\Program Files\Visicom Media
    [28/11/2007|17:53] C:\Program Files\Windows Media Player
    [28/11/2007|17:52] C:\Program Files\LimeWire
    [26/11/2007|21:10] C:\Program Files\Ma‹do Production
    [26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
    [24/11/2007|12:44] C:\Program Files\Mp3tag
    [20/11/2007|22:37] C:\Program Files\Ulead Systems
    [16/11/2007|18:52] C:\Program Files\GameSpy Arcade
    [13/11/2007|18:00] C:\Program Files\solarus
    [13/11/2007|18:00] C:\Program Files\Mixxx
    [08/11/2007|20:01] C:\Program Files\Java
    [05/11/2007|17:49] C:\Program Files\uninstal.log
    [04/11/2007|21:19] C:\Program Files\CamStudio
    [02/11/2007|19:58] C:\Program Files\AVS4YOU
    [02/11/2007|17:02] C:\Program Files\WoW worldofheroes
    [24/10/2007|17:29] C:\Program Files\WoW ivalice
    [19/10/2007|15:20] C:\Program Files\WowCartographe
    [19/10/2007|15:19] C:\Program Files\Rapidown
    [18/10/2007|16:18] C:\Program Files\MSXML 4.0
    [06/10/2007|12:46] C:\Program Files\Ahead
    [06/10/2007|12:33] C:\Program Files\Alcohol Soft
    [18/09/2007|18:42] C:\Program Files\epson
    [25/08/2007|11:15] C:\Program Files\Paint.NET
    [19/08/2007|13:02] C:\Program Files\MSXML 6.0
    [13/08/2007|15:53] C:\Program Files\WinISO
    [12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
    [05/08/2007|22:48] C:\Program Files\Micro Application
    [02/08/2007|10:50] C:\Program Files\WinRAR
    [01/08/2007|16:13] C:\Program Files\Outlook Express
    [01/08/2007|12:19] C:\Program Files\pspvideo9
    [01/08/2007|00:51] C:\Program Files\AviSynth 2.5
    [29/07/2007|14:02] C:\Program Files\Infogrames
    [26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
    [18/07/2007|22:28] C:\Program Files\DAEMON Tools
    [18/07/2007|21:41] C:\Program Files\ATI Technologies
    [18/07/2007|20:35] C:\Program Files\MSI
    [15/07/2007|13:05] C:\Program Files\QuickTime
    [15/07/2007|13:03] C:\Program Files\Apple Software Update
    [10/07/2007|14:58] C:\Program Files\Movie Maker
    [09/07/2007|13:17] C:\Program Files\VideoLAN
    [08/07/2007|12:10] C:\Program Files\THQ
    [01/07/2007|19:37] C:\Program Files\Zone Labs
    [29/06/2007|21:45] C:\Program Files\WinPop
    [29/06/2007|19:07] C:\Program Files\Grisoft
    [27/05/2007|19:05] C:\Program Files\Messenger
    [18/04/2007|19:06] C:\Program Files\MSBuild
    [18/04/2007|19:02] C:\Program Files\Logitech
    [18/04/2007|18:59] C:\Program Files\Reference Assemblies
    [15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
    [22/03/2007|16:44] C:\Program Files\Alwil Software
    [21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
    [27/01/2007|11:25] C:\Program Files\philips
    [27/01/2007|11:03] C:\Program Files\msn gaming zone
    [10/01/2007|21:40] C:\Program Files\Windows NT
    [10/01/2007|14:17] C:\Program Files\Adobe
    [10/01/2007|14:08] C:\Program Files\D-Link
    [10/12/2006|13:32] C:\Program Files\Macromedia
    [05/12/2006|17:37] C:\Program Files\Microsoft Works
    [05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
    [04/12/2006|21:49] C:\Program Files\MSECache
    [04/12/2006|19:43] C:\Program Files\Microsoft Office
    [04/12/2006|19:38] C:\Program Files\Microsoft.NET
    [22/11/2006|15:04] C:\Program Files\VIA
    [22/11/2006|13:06] C:\Program Files\support.com
    [16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
    [23/10/2006|19:56] C:\Program Files\Skype
    [21/09/2006|15:32] C:\Program Files\xerox
    [21/09/2006|15:32] C:\Program Files\microsoft frontpage
    [21/09/2006|15:29] C:\Program Files\WindowsUpdate
    [21/09/2006|15:29] C:\Program Files\Services en ligne
    [21/09/2006|15:28] C:\Program Files\NetMeeting

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\..
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\.
    [26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
    [02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
    [19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
    [05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
    [01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
    [16/06/2007|10:35] C:\Program Files\Fichiers communs\System
    [18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
    [16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
    [22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
    [15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
    [10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
    [05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
    [04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
    [22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
    [13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
    [23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
    [21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Adverts
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Tasks\AA155DE8919ADADC.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-15 19:59:43
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
    /!\ [Fich:611][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 20:01:01,01 ]----------------------
    a b 8 Sécurité
    15 Janvier 2008 20:34:56

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    15 Janvier 2008 21:45:28

    Ok, encore merci de m'aider si rapidement .

    Voici le nouveau rapport :


    -----------------------------[ Lop S&D 2.0.5 ]---------------------------

    [ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    [ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]

    [ mar. 15/01/2008 | 20:49:39,53 ] [ ACERAL1715 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Tasks\AA155DE8919ADADC.job
    Supprimé! - C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe
    Supprimé! - C:\Program Files\Adverts
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
    [20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
    [13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
    [13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
    [02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
    [28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
    [28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
    [01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
    [01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
    [30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
    [20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
    [18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
    [01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
    [01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
    [15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
    [16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
    [29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
    [07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
    [27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com


    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
    [10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla

    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.

    [24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

    [03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.

    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
    [22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
    [05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla

    [13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
    [13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
    [13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
    [13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
    [10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
    [28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
    [25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
    [24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
    [20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
    [22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
    [14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
    [01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
    [01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
    [18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
    [15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
    [13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
    [09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
    [29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
    [10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
    [15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
    [23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
    [01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
    [22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
    [22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
    [22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini


    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/01/2008|20:51] C:\Program Files\Lop SD
    [15/01/2008|20:51] C:\Program Files\..
    [15/01/2008|20:51] C:\Program Files\.
    [15/01/2008|18:25] C:\Program Files\Mozilla Firefox
    [13/01/2008|21:39] C:\Program Files\Trend Micro
    [13/01/2008|15:04] C:\Program Files\World of Warcraft
    [13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
    [13/01/2008|14:43] C:\Program Files\Babylon
    [13/01/2008|12:10] C:\Program Files\Blue comp media
    [13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
    [13/01/2008|11:29] C:\Program Files\PandoBar
    [13/01/2008|11:29] C:\Program Files\Internet Explorer
    [13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
    [13/01/2008|11:28] C:\Program Files\id Software
    [13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
    [31/12/2007|12:07] C:\Program Files\wow fun
    [10/12/2007|21:56] C:\Program Files\Pando Networks
    [30/11/2007|18:36] C:\Program Files\Windows Live
    [29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
    [28/11/2007|23:20] C:\Program Files\VDMSound
    [28/11/2007|18:34] C:\Program Files\Sony Ericsson
    [28/11/2007|18:21] C:\Program Files\Fichiers communs
    [28/11/2007|18:18] C:\Program Files\Visicom Media
    [28/11/2007|17:53] C:\Program Files\Windows Media Player
    [28/11/2007|17:52] C:\Program Files\LimeWire
    [26/11/2007|21:10] C:\Program Files\Ma‹do Production
    [26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
    [24/11/2007|12:44] C:\Program Files\Mp3tag
    [20/11/2007|22:37] C:\Program Files\Ulead Systems
    [16/11/2007|18:52] C:\Program Files\GameSpy Arcade
    [13/11/2007|18:00] C:\Program Files\solarus
    [13/11/2007|18:00] C:\Program Files\Mixxx
    [08/11/2007|20:01] C:\Program Files\Java
    [05/11/2007|17:49] C:\Program Files\uninstal.log
    [04/11/2007|21:19] C:\Program Files\CamStudio
    [02/11/2007|19:58] C:\Program Files\AVS4YOU
    [02/11/2007|17:02] C:\Program Files\WoW worldofheroes
    [24/10/2007|17:29] C:\Program Files\WoW ivalice
    [19/10/2007|15:20] C:\Program Files\WowCartographe
    [19/10/2007|15:19] C:\Program Files\Rapidown
    [18/10/2007|16:18] C:\Program Files\MSXML 4.0
    [06/10/2007|12:46] C:\Program Files\Ahead
    [06/10/2007|12:33] C:\Program Files\Alcohol Soft
    [18/09/2007|18:42] C:\Program Files\epson
    [25/08/2007|11:15] C:\Program Files\Paint.NET
    [19/08/2007|13:02] C:\Program Files\MSXML 6.0
    [13/08/2007|15:53] C:\Program Files\WinISO
    [12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
    [05/08/2007|22:48] C:\Program Files\Micro Application
    [02/08/2007|10:50] C:\Program Files\WinRAR
    [01/08/2007|16:13] C:\Program Files\Outlook Express
    [01/08/2007|12:19] C:\Program Files\pspvideo9
    [01/08/2007|00:51] C:\Program Files\AviSynth 2.5
    [29/07/2007|14:02] C:\Program Files\Infogrames
    [26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
    [18/07/2007|22:28] C:\Program Files\DAEMON Tools
    [18/07/2007|21:41] C:\Program Files\ATI Technologies
    [18/07/2007|20:35] C:\Program Files\MSI
    [15/07/2007|13:05] C:\Program Files\QuickTime
    [15/07/2007|13:03] C:\Program Files\Apple Software Update
    [10/07/2007|14:58] C:\Program Files\Movie Maker
    [09/07/2007|13:17] C:\Program Files\VideoLAN
    [08/07/2007|12:10] C:\Program Files\THQ
    [01/07/2007|19:37] C:\Program Files\Zone Labs
    [29/06/2007|21:45] C:\Program Files\WinPop
    [29/06/2007|19:07] C:\Program Files\Grisoft
    [27/05/2007|19:05] C:\Program Files\Messenger
    [18/04/2007|19:06] C:\Program Files\MSBuild
    [18/04/2007|19:02] C:\Program Files\Logitech
    [18/04/2007|18:59] C:\Program Files\Reference Assemblies
    [15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
    [22/03/2007|16:44] C:\Program Files\Alwil Software
    [21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
    [27/01/2007|11:25] C:\Program Files\philips
    [27/01/2007|11:03] C:\Program Files\msn gaming zone
    [10/01/2007|21:40] C:\Program Files\Windows NT
    [10/01/2007|14:17] C:\Program Files\Adobe
    [10/01/2007|14:08] C:\Program Files\D-Link
    [10/12/2006|13:32] C:\Program Files\Macromedia
    [05/12/2006|17:37] C:\Program Files\Microsoft Works
    [05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
    [04/12/2006|21:49] C:\Program Files\MSECache
    [04/12/2006|19:43] C:\Program Files\Microsoft Office
    [04/12/2006|19:38] C:\Program Files\Microsoft.NET
    [22/11/2006|15:04] C:\Program Files\VIA
    [22/11/2006|13:06] C:\Program Files\support.com
    [16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
    [23/10/2006|19:56] C:\Program Files\Skype
    [21/09/2006|15:32] C:\Program Files\xerox
    [21/09/2006|15:32] C:\Program Files\microsoft frontpage
    [21/09/2006|15:29] C:\Program Files\WindowsUpdate
    [21/09/2006|15:29] C:\Program Files\Services en ligne
    [21/09/2006|15:28] C:\Program Files\NetMeeting

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\..
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\.
    [26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
    [02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
    [19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
    [05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
    [01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
    [16/06/2007|10:35] C:\Program Files\Fichiers communs\System
    [18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
    [16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
    [22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
    [15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
    [10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
    [05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
    [04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
    [22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
    [13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
    [23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
    [21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-15 21:11:09
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
    /!\ [Fich:612][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:48:55,81 ]----------------------
    a b 8 Sécurité
    15 Janvier 2008 21:50:11

    Reposte un rapport Hijackthis.
    15 Janvier 2008 21:54:08

    (content de vous voir toujours dispo a cette heure ci )

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:57:42, on 15/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9056 bytes
    a b 8 Sécurité
    16 Janvier 2008 13:17:21

    Re,

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
    O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
    O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe


    Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
    Sélectionne tous les emplacements dans le cadre ci-dessous :

    C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin
    C:\Program Files\Blue comp media
    C:\Program Files\Dcads Advanced Toolbar

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    16 Janvier 2008 14:23:27

    C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1 moved successfully.
    Folder cleanup failed. C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin scheduled to be deleted on reboot.
    C:\Program Files\Blue comp media moved successfully.
    C:\Program Files\Dcads Advanced Toolbar moved successfully.

    Created on 01/16/2008 14:15:34

    Voila :) 
    a b 8 Sécurité
    16 Janvier 2008 14:40:40

    Reposte un rapport Hijackthis et LopS&D option 1 :) 
    16 Janvier 2008 14:58:12

    Voila deja l'Hijackthis : ( LopS&D es en cours )

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:01:56, on 16/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8467 bytes
    16 Janvier 2008 15:21:05


    -----------------------------[ Lop S&D 2.0.5 ]---------------------------

    [ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    [ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]

    [ mer. 16/01/2008 | 15:02:19,78 ] [ ACERAL1715 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
    [20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
    [13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
    [13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
    [13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
    [13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
    [12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
    [02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
    [30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
    [28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
    [28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
    [01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
    [01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
    [30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
    [20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
    [18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
    [01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
    [01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
    [30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
    [18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
    [15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    [03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    [29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
    [16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
    [29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
    [07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
    [27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
    [01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    [22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com


    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
    [13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
    [10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla

    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
    [28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.

    [24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

    [03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.

    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
    [22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
    [22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
    [08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
    [05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla

    [16/01/2008|14:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
    [16/01/2008|14:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
    [13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
    [10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
    [28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
    [25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
    [24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
    [20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
    [22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
    [14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
    [05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
    [01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
    [01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
    [18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
    [15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
    [13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
    [09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
    [29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
    [10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
    [15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
    [23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
    [01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
    [22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
    [22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
    [22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini


    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [16/01/2008 14:18][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [16/01/2008|15:02] C:\Program Files\Lop SD
    [16/01/2008|14:25] C:\Program Files\Mozilla Firefox
    [16/01/2008|14:15] C:\Program Files\..
    [16/01/2008|14:15] C:\Program Files\.
    [13/01/2008|21:39] C:\Program Files\Trend Micro
    [13/01/2008|15:04] C:\Program Files\World of Warcraft
    [13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
    [13/01/2008|14:43] C:\Program Files\Babylon
    [13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
    [13/01/2008|11:29] C:\Program Files\PandoBar
    [13/01/2008|11:29] C:\Program Files\Internet Explorer
    [13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
    [13/01/2008|11:28] C:\Program Files\id Software
    [13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
    [31/12/2007|12:07] C:\Program Files\wow fun
    [10/12/2007|21:56] C:\Program Files\Pando Networks
    [30/11/2007|18:36] C:\Program Files\Windows Live
    [28/11/2007|23:20] C:\Program Files\VDMSound
    [28/11/2007|18:34] C:\Program Files\Sony Ericsson
    [28/11/2007|18:21] C:\Program Files\Fichiers communs
    [28/11/2007|18:18] C:\Program Files\Visicom Media
    [28/11/2007|17:53] C:\Program Files\Windows Media Player
    [28/11/2007|17:52] C:\Program Files\LimeWire
    [26/11/2007|21:10] C:\Program Files\Ma‹do Production
    [26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
    [24/11/2007|12:44] C:\Program Files\Mp3tag
    [20/11/2007|22:37] C:\Program Files\Ulead Systems
    [16/11/2007|18:52] C:\Program Files\GameSpy Arcade
    [13/11/2007|18:00] C:\Program Files\solarus
    [13/11/2007|18:00] C:\Program Files\Mixxx
    [08/11/2007|20:01] C:\Program Files\Java
    [05/11/2007|17:49] C:\Program Files\uninstal.log
    [04/11/2007|21:19] C:\Program Files\CamStudio
    [02/11/2007|19:58] C:\Program Files\AVS4YOU
    [02/11/2007|17:02] C:\Program Files\WoW worldofheroes
    [24/10/2007|17:29] C:\Program Files\WoW ivalice
    [19/10/2007|15:20] C:\Program Files\WowCartographe
    [19/10/2007|15:19] C:\Program Files\Rapidown
    [18/10/2007|16:18] C:\Program Files\MSXML 4.0
    [06/10/2007|12:46] C:\Program Files\Ahead
    [06/10/2007|12:33] C:\Program Files\Alcohol Soft
    [18/09/2007|18:42] C:\Program Files\epson
    [25/08/2007|11:15] C:\Program Files\Paint.NET
    [19/08/2007|13:02] C:\Program Files\MSXML 6.0
    [13/08/2007|15:53] C:\Program Files\WinISO
    [12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
    [05/08/2007|22:48] C:\Program Files\Micro Application
    [02/08/2007|10:50] C:\Program Files\WinRAR
    [01/08/2007|16:13] C:\Program Files\Outlook Express
    [01/08/2007|12:19] C:\Program Files\pspvideo9
    [01/08/2007|00:51] C:\Program Files\AviSynth 2.5
    [29/07/2007|14:02] C:\Program Files\Infogrames
    [26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
    [18/07/2007|22:28] C:\Program Files\DAEMON Tools
    [18/07/2007|21:41] C:\Program Files\ATI Technologies
    [18/07/2007|20:35] C:\Program Files\MSI
    [15/07/2007|13:05] C:\Program Files\QuickTime
    [15/07/2007|13:03] C:\Program Files\Apple Software Update
    [10/07/2007|14:58] C:\Program Files\Movie Maker
    [09/07/2007|13:17] C:\Program Files\VideoLAN
    [08/07/2007|12:10] C:\Program Files\THQ
    [01/07/2007|19:37] C:\Program Files\Zone Labs
    [29/06/2007|21:45] C:\Program Files\WinPop
    [29/06/2007|19:07] C:\Program Files\Grisoft
    [27/05/2007|19:05] C:\Program Files\Messenger
    [18/04/2007|19:06] C:\Program Files\MSBuild
    [18/04/2007|19:02] C:\Program Files\Logitech
    [18/04/2007|18:59] C:\Program Files\Reference Assemblies
    [15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
    [22/03/2007|16:44] C:\Program Files\Alwil Software
    [21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
    [27/01/2007|11:25] C:\Program Files\philips
    [27/01/2007|11:03] C:\Program Files\msn gaming zone
    [10/01/2007|21:40] C:\Program Files\Windows NT
    [10/01/2007|14:17] C:\Program Files\Adobe
    [10/01/2007|14:08] C:\Program Files\D-Link
    [10/12/2006|13:32] C:\Program Files\Macromedia
    [05/12/2006|17:37] C:\Program Files\Microsoft Works
    [05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
    [04/12/2006|21:49] C:\Program Files\MSECache
    [04/12/2006|19:43] C:\Program Files\Microsoft Office
    [04/12/2006|19:38] C:\Program Files\Microsoft.NET
    [22/11/2006|15:04] C:\Program Files\VIA
    [22/11/2006|13:06] C:\Program Files\support.com
    [16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
    [23/10/2006|19:56] C:\Program Files\Skype
    [21/09/2006|15:32] C:\Program Files\xerox
    [21/09/2006|15:32] C:\Program Files\microsoft frontpage
    [21/09/2006|15:29] C:\Program Files\WindowsUpdate
    [21/09/2006|15:29] C:\Program Files\Services en ligne
    [21/09/2006|15:28] C:\Program Files\NetMeeting

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\..
    [28/11/2007|18:21] C:\Program Files\Fichiers communs\.
    [26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
    [02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
    [19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
    [05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
    [01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
    [16/06/2007|10:35] C:\Program Files\Fichiers communs\System
    [18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
    [16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
    [22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
    [15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
    [10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
    [05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
    [04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
    [22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
    [13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
    [23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
    [21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
    [21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-16 15:14:04
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:284][Doss:18] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
    /!\ [Fich:243][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 15:14:45,92 ]----------------------
    a b 8 Sécurité
    16 Janvier 2008 15:59:02

    Re,

    Sélectionne tous les emplacements dans le cadre ci-dessous :

    C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
    C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    16 Janvier 2008 16:06:20

    Le rapport :

    C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin moved successfully.
    C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar moved successfully.

    Created on 01/16/2008 16:09:06

    Merci.
    a b 8 Sécurité
    16 Janvier 2008 16:07:28

    Reposte un rapport Hijackthis.
    16 Janvier 2008 16:14:58

    Ok,

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:18:47, on 16/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8467 bytes
    16 Janvier 2008 17:41:40

    Ok, je t'envoi le rapport des que possible .
    a b 8 Sécurité
    16 Janvier 2008 18:36:02

    Ok ;) 
    17 Janvier 2008 07:31:59

    - Dites moi, je vais bientot aller m'acheter un antivirus, vous me recommanderiez lequel ? Merci en tout cas, j'espere ne pas vous avoir trop fais attendre, j'avais beaucoup de boulot ce soir :-/

    Le rapport AntiVir :


    AntiVir PersonalEdition Classic
    Report file date: mercredi 16 janvier 2008 20:31

    Scanning for 835736 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: ACERAL1715

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
    ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
    ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
    AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mercredi 16 janvier 2008 20:31

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    31 processes with 31 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '24' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\RECYCLER\S-1-5-21-1844237615-2139871995-682003330-1006\Dc97\Raphael - Hotel de l univers -album 192kbps - mp3.mp3
    [0] Archive type: ACE
    --> Raphael - Hotel 11 - Libre service.mp3
    [WARNING] Error creating the file
    --> Raphael - Hotel BT - Cela nous aurait suffi (live).mp3
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023717.exe
    [DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
    [INFO] The file was moved to '47be8177.qua'!
    C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023718.exe
    [DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
    [INFO] The file was moved to '46c30ee0.qua'!
    C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023719.exe
    [DETECTION] Contains suspicious code HEUR/Crypted
    [INFO] The file was moved to '47be8178.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!


    End of the scan: jeudi 17 janvier 2008 00:18
    Used time: 3:46:53 min

    The scan has been done completely.

    8961 Scanning directories
    243580 Files were scanned
    2 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    3 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    243578 Files not concerned
    1546 Archives were scanned
    6 Warnings
    0 Notes
    a b 8 Sécurité
    17 Janvier 2008 18:55:06

    Reposte un rapport Hijackthis.
    17 Janvier 2008 19:05:04

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:07:26, on 17/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8218 bytes
    a b 8 Sécurité
    17 Janvier 2008 19:09:08

    Re,

    Télécharge Gmer.
    Dézippe le dans un dossier ou sur ton bureau.

    Déconnecte toi d'Internet puis et ferme tous les programmes.
    Double-clique sur Gmer.exe.

    IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

    Clique sur l'onglet rootkit.
    A droite, coche Files et Services.
    Clique maintenant sur Scan.

    Lorsque le scan est terminé, clique sur Copy.

    Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
    Le rapport doit alors apparaître.
    Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
    17 Janvier 2008 20:45:47

    GMER 1.0.13.12551 - http://www.gmer.net
    Rootkit scan 2008-01-17 20:47:59
    Windows 5.1.2600 Service Pack 2


    ---- Files - GMER 1.0.13 ----

    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\bibounia@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{19DA7ED1-E8B2-382D-C279-1CEB228C7581}\01\10-{19DA7ED1-E8B2-382D-C279-1CEB228C7581}-v1-{CA7985EE-EB3A-4007-AB74-2785CFE37B9C}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\cedric_potter91@hotmail.com\DFSR\Staging\CS{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}\01\19-{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\01\82-{73986AF0-4B2E-AFA5-FB31-C6366E93F478}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v82-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\02\102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\41\41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\42\42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\44\44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\45\45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\46\46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\51\51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\j_dks1991@hotmail.com\DFSR\Staging\CS{E9C05784-5B1B-B282-E454-0967C6CDFF91}\01\10-{E9C05784-5B1B-B282-E454-0967C6CDFF91}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\01\20-{3F22DDF3-B091-37E5-3C03-12C2D380236B}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\01\11-{D0FD756C-FE81-50FE-3B14-43955D2EF697}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
    ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

    ---- EOF - GMER 1.0.13 ----
    a b 8 Sécurité
    17 Janvier 2008 21:04:53

    Re,

    Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.

    Télécharge le FixWareout (LonnyRJones[/#f]) sur le Bureau.
    **Si le lien ne fonctionne pas, clique [#ff0000]ici
    **

    Lance le fix (FixWareout.exe), clique sur Next puis Install.
    Assure-toi que Run fixit soit bien activé puis clique sur Finish.
    Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

    Au final, poste le contenu du rapport C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
    17 Janvier 2008 22:51:37

    ( Je n'ai deja plus de fenetres intempestives depuis quelques temps, déja un grand merci . )

    Username "Pitzy" - 17/01/2008 21:34:00 [Fixwareout edited 9/01/2007]

    ~~~~~ Prerun check

    Cache de résolution DNS vidé.


    System was rebooted successfully.

    ~~~~~ Postrun check
    HKLM\SOFTWARE\~\Winlogon\ "System"="lsass.exe"
    ....
    ....
    ~~~~~ Misc files.
    ....
    ~~~~~ Checking for older varients.
    ....

    ~~~~~ Current runs (hklm hkcu "run" Keys Only)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
    65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
    "EPSON Stylus DX3800 Series (Copie 1)"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIACE.EXE /P36 \"EPSON Stylus DX3800 Series (Copie 1)\" /O6 \"USB001\" /M \"Stylus DX3800\""
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2007\\MemOptimizer.exe\" autostart"
    "MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    ....
    Hosts file was reset, If you use a custom hosts file please replace it...
    ~~~~~ End report ~~~~~

    --------------------------------------------------------------------------
    --------------------------------------------------------------------------
    --------------------------------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:54:33, on 17/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\notepad.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8223 bytes
    a b 8 Sécurité
    18 Janvier 2008 13:16:08

    Re,

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
    O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
    18 Janvier 2008 13:21:29

    Voila c'est fait .
    a b 8 Sécurité
    18 Janvier 2008 13:33:35

    Reposte un rapport Hijackthis.
    18 Janvier 2008 13:36:47

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:40:24, on 18/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
    O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.ijji.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 7724 bytes
    18 Janvier 2008 15:23:32

    Re,

    Je voulais vous prevenir de mon absence pour ce weekend, je ne serais la que dimanche en debut d'apres midi.

    Merci .
    18 Janvier 2008 17:19:28

    Début de matinée plutot =)

    Que dois-je faire ? je mettrai deja un rapport une fois rentré .
    a b 8 Sécurité
    18 Janvier 2008 17:41:20

    Tu as encore des soucis ?
    20 Janvier 2008 11:20:44

    Non, tout a l'air d'aller bien .

    J'ai plus qu'a aller m'acheter un bon antivirus.
    20 Janvier 2008 11:49:14

    Merci pour ton aide precieuse .
    a b 8 Sécurité
    20 Janvier 2008 13:16:25

    ok :) 

  • Télécharge ToolsCleaner sur ton Bureau.
  • Clique sur Recherche et laisse le scan se terminer.
  • Clique sur Suppression pour finaliser.
  • Clique sur Quitter, pour que le rapport puisse se créer.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

    Désactive puis réactive la restauration du système : Voir aide

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

    20 Janvier 2008 19:21:01

    -->- Recherche:

    C:\Vundofix backups: trouvé !
    C:\_OtMoveIt: trouvé !
    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: trouvé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: trouvé !
    C:\Program Files\Lop SD: trouvé !
    C:\Program Files\Lop SD\Lop S&D.lnk: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
    C:\WINDOWS\Gmer.exe: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: supprimé !
    C:\Program Files\Lop SD\Lop S&D.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\WINDOWS\Gmer.exe: supprimé !
    C:\Vundofix backups: supprimé !
    C:\_OtMoveIt: supprimé !
    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: supprimé !
    C:\Program Files\Lop SD: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS