Votre question

virus sur mon ordi :(

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Décembre 2007 19:52:49

bonsoir,
je pense avoir plein de virus sur mon ordi, des fenetres noirs s'affiche au demarrage de l'ordi ( ...temp/cn511.... )
il est long a s'allumer aussi !!!
aidez moi svp
merci d'avance

Autres pages sur : virus ordi

22 Décembre 2007 23:18:27

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:13, on 22/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
c:\fotowin\RTETPISv.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.gophersearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hold option boob bin] C:\Documents and Settings\All Users\Application Data\ford does hold option\Send obj.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [view readme] C:\DOCUME~1\PROPRI~1\APPLIC~1\CREATI~1\chicplay.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://dl.ad-ware.cc/IgcsgJzLOnw4rtzAEhpG.chm::/on-line...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDe...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RTE : Partage TAPI (RTETAPIService) - RTE Software - c:\fotowin\RTETPISv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 11161 bytes
Contenus similaires
a b 8 Sécurité
23 Décembre 2007 12:12:54

Tu as combien d'antivirus ?
23 Décembre 2007 23:34:24

aucun il a expiré depuis un moment j'avais avast
26 Décembre 2007 19:55:45

analyse en cours !!!
26 Décembre 2007 21:27:39



AntiVir PersonalEdition Classic
Report file date: mercredi 26 décembre 2007 20:07

Scanning for 992748 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-W8KZ05N5F7S

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 18:48:06
ANTIVIR2.VDF : 7.0.1.157 286720 Bytes 26/12/2007 18:48:06
ANTIVIR3.VDF : 7.0.1.158 2048 Bytes 26/12/2007 18:48:06
AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 26/12/2007 18:48:07
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.2 360488 Bytes 26/12/2007 18:48:07
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir

personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 26 décembre 2007 20:07

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been

scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'vVX1000.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'hphmon05.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RTETPISV.EXE' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '32' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\asdxmzux.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\dxhodywt.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\fddyiiaw.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.112
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\fdwetanp.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\hvmomzrk.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\ivnkehzb.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\jfpkhiql.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\jpjzekas.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\mrccewjb.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\oflqsknl.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\pfzdvosz.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\rtghditr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\suzsaqls.exe
[DETECTION] Is the Trojan horse TR/FatObfus.2.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\ucbcrezv.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\vdwnkxqh.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\vga option tons.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Propriétaire\Application

Data\CreativeShimCorn\vngllfdx.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and

Settings\Propriétaire\Bureau\WinAntiVirusPro2006FreeInstall_fr.exe
[DETECTION] Is the Trojan horse TR/Dldr.FakeAV.B
[INFO] The file was deleted!
C:\Program Files\Adverts\uninst.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

788\A0197839.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

788\A0197844.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

788\A0197849.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

789\A0197872.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

789\A0197877.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

789\A0197884.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

790\A0197903.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

790\A0197908.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

790\A0197916.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197940.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197945.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197958.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197961.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.497
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197962.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197963.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197964.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197965.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197966.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197967.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197968.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197969.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197971.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.493
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197972.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.53
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197984.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

791\A0197989.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

792\A0198007.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

792\A0198026.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

792\A0198031.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

792\A0198036.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

793\A0198047.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198054.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198068.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198083.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198115.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198120.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198124.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198125.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198126.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198127.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198128.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198129.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198130.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198131.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198132.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198133.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198134.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

794\A0198161.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

795\A0198164.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

795\A0198169.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

795\A0198192.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

796\A0198208.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

796\A0198232.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

796\A0198237.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

796\A0198244.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198248.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198249.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198250.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198251.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198252.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198253.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198254.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198255.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198256.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198257.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198258.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198259.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.1696
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198264.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

797\A0198273.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

798\A0198279.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

798\A0198284.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

799\A0198285.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

799\A0198290.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

800\A0198370.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

802\A0198470.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

802\A0198477.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

802\A0198484.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

802\A0199486.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

802\A0199495.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

803\A0200493.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

803\A0200502.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

803\A0200512.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

804\A0200521.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

804\A0200528.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

804\A0200541.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

805\A0200555.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

805\A0200560.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

805\A0200577.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

806\A0200591.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

806\A0200603.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

806\A0200610.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

807\A0200623.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

807\A0200635.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

807\A0200646.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

808\A0200674.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

808\A0200679.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

808\A0200692.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

809\A0200707.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

809\A0200714.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

810\A0200715.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

810\A0200722.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

810\A0200749.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

811\A0200786.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

811\A0200812.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0200856.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0200862.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0200884.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0201884.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0201896.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

812\A0201903.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

813\A0201914.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

813\A0201921.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

813\A0201928.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

813\A0201950.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

813\A0201957.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

814\A0201979.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

814\A0201986.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

814\A0202010.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

814\A0202016.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

814\A0202037.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202040.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202047.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202054.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202083.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202101.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202131.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202152.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202158.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

815\A0202184.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

816\A0202223.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

816\A0202230.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

816\A0202281.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

817\A0202298.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

817\A0202305.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

817\A0202328.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

817\A0202349.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

817\A0202358.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

818\A0202359.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

818\A0202366.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

818\A0202372.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

818\A0202390.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

818\A0202415.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

819\A0202422.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

819\A0202438.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

819\A0202448.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

819\A0202468.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

820\A0202493.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

820\A0202512.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

820\A0202529.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

820\A0202536.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

821\A0202558.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

821\A0202575.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202598.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202605.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202620.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202631.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202632.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202633.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202634.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202635.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202636.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202637.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202638.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202639.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

822\A0202640.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202652.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202657.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202666.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202667.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202668.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202669.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202670.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202671.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202672.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202673.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202674.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202675.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202676.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202677.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202682.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202710.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202720.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202728.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202735.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202740.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

823\A0202778.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

824\A0202811.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

824\A0202828.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

825\A0202858.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

825\A0202865.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

826\A0202896.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

828\A0202993.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

829\A0203013.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

829\A0203031.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

829\A0203042.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

829\A0203052.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

830\A0203060.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

830\A0203071.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

830\A0203079.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

831\A0203097.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

831\A0203113.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

831\A0203131.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

832\A0203153.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

832\A0203165.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

832\A0203185.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

832\A0203218.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

832\A0203239.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

833\A0203251.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

833\A0203259.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

833\A0203269.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

833\A0203278.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

834\A0203285.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

834\A0203308.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

834\A0203315.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

834\A0203326.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

835\A0203328.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

836\A0203341.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

836\A0203375.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

836\A0203384.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

836\A0203401.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

836\A0204403.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

837\A0204412.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

837\A0204425.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204446.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204453.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204462.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204495.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204508.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

838\A0204532.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

839\A0204536.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

839\A0204550.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

839\A0204569.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

840\A0204594.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

840\A0204620.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

841\A0204647.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

842\A0204659.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

843\A0204694.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

844\A0204726.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

845\A0204762.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

846\A0204813.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

847\A0204849.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

848\A0204875.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

848\A0204882.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

849\A0204930.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

850\A0204983.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

851\A0205028.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

852\A0205059.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

853\A0205083.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

854\A0205117.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

855\A0205138.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

856\A0205162.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

857\A0205195.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

858\A0205225.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

859\A0205246.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

860\A0205279.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205326.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205329.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205330.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205331.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205332.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205333.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205334.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205335.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205336.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205337.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205338.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

861\A0205339.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223092.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223093.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223094.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223095.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223096.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223097.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223098.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

883\A0223099.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223105.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_rest
a b 8 Sécurité
26 Décembre 2007 21:30:01

Reposte un rapport Hijackthis.
26 Décembre 2007 21:33:14

C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223106.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223107.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.EN.112
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223108.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223109.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223110.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223111.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223112.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223113.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223114.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223115.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223116.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223117.exe
[DETECTION] Is the Trojan horse TR/FatObfus.2.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223118.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223119.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223120.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223121.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223122.exe
[DETECTION] Is the Trojan horse TR/Dldr.FakeAV.B
[INFO] The file was deleted!
C:\System Volume

Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP

884\A0223123.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\WINDOWS\Downloaded Program Files\PackageHtml.dll
[WARNING] 'Is the Trojan horse TR/Dialer.QJ'. This detection is

probably an error. Please send us this file immediately for further

analysis.
C:\WINDOWS\system32\ODBCJET.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.aso
[WARNING] The file could not be deleted!
Begin scan in 'D:\' <HP_RECOVERY>


End of the scan: mercredi 26 décembre 2007 21:29
Used time: 1:21:50 min

The scan has been done completely.

7908 Scanning directories
332829 Files were scanned
313 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
312 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
332516 Files not concerned
9145 Archives were scanned
4 Warnings
0 Notes

a b 8 Sécurité
26 Décembre 2007 21:35:33

Tu as vu ma réponse ?
27 Décembre 2007 18:01:04

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01:53, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\fotowin\RTETPISv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.gophersearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [view readme] C:\DOCUME~1\PROPRI~1\APPLIC~1\CREATI~1\chicplay.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://dl.ad-ware.cc/IgcsgJzLOnw4rtzAEhpG.chm::/on-line...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDe...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RTE : Partage TAPI (RTETAPIService) - RTE Software - c:\fotowin\RTETPISv.exe

--
End of file - 9156 bytes
a b 8 Sécurité
27 Décembre 2007 18:12:59

Re,

Télécharge Lop S&D.exe sur ton Bureau.
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
  • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    27 Décembre 2007 18:29:41

    -----------------------------[ Lop S&D 2.0.1 ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 18:27:22,07 ] [ NOM-W8KZ05N5F7S ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Dale Road Date Fast
    C:\Documents and Settings\All Users\APPLIC~1\addr_file.html
    C:\Documents and Settings\All Users\APPLIC~1\Avira
    C:\Documents and Settings\All Users\APPLIC~1\ford does hold option
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\idle wma bin ford
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Avg7
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\Ulead Systems
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\InterVideo
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\SBSI
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\SampleView
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Sonic
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Symantec

    C:\Documents and Settings\eMule_Secure\APPLIC~1\Microsoft
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Real
    C:\Documents and Settings\eMule_Secure\APPLIC~1\SampleView
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sonic
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sun
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Identities
    C:\Documents and Settings\eMule_Secure\APPLIC~1\desktop.ini
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Symantec

    C:\Documents and Settings\le parain\APPLIC~1\Adobe
    C:\Documents and Settings\le parain\APPLIC~1\Google
    C:\Documents and Settings\le parain\APPLIC~1\Microsoft
    C:\Documents and Settings\le parain\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\le parain\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\le parain\APPLIC~1\Real
    C:\Documents and Settings\le parain\APPLIC~1\AdobeUM
    C:\Documents and Settings\le parain\APPLIC~1\Macromedia
    C:\Documents and Settings\le parain\APPLIC~1\SampleView
    C:\Documents and Settings\le parain\APPLIC~1\Sonic
    C:\Documents and Settings\le parain\APPLIC~1\Sun
    C:\Documents and Settings\le parain\APPLIC~1\Identities
    C:\Documents and Settings\le parain\APPLIC~1\desktop.ini
    C:\Documents and Settings\le parain\APPLIC~1\Symantec

    C:\Documents and Settings\LocalService\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\maman\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\maman\APPLIC~1\MSN6
    C:\Documents and Settings\maman\APPLIC~1\Motive
    C:\Documents and Settings\maman\APPLIC~1\Google
    C:\Documents and Settings\maman\APPLIC~1\Microsoft
    C:\Documents and Settings\maman\APPLIC~1\Real
    C:\Documents and Settings\maman\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\maman\APPLIC~1\Macromedia
    C:\Documents and Settings\maman\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\maman\APPLIC~1\SampleView
    C:\Documents and Settings\maman\APPLIC~1\Sonic
    C:\Documents and Settings\maman\APPLIC~1\Sun
    C:\Documents and Settings\maman\APPLIC~1\Identities
    C:\Documents and Settings\maman\APPLIC~1\desktop.ini
    C:\Documents and Settings\maman\APPLIC~1\Symantec

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Macromedia
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\Propri‚taire\APPLIC~1\CreativeShimCorn
    C:\Documents and Settings\Propri‚taire\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Propri‚taire\APPLIC~1\U3
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Adobe
    C:\Documents and Settings\Propri‚taire\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Microsoft
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Google
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Leadertech
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeDLM.log
    C:\Documents and Settings\Propri‚taire\APPLIC~1\dm.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Macromedia
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\Propri‚taire\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Real
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN6
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Help
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeUM
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sonic
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Motive
    C:\Documents and Settings\Propri‚taire\APPLIC~1\InterVideo
    C:\Documents and Settings\Propri‚taire\APPLIC~1\SampleView
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sun
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Identities
    C:\Documents and Settings\Propri‚taire\APPLIC~1\desktop.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Symantec

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [27/12/2007 18:00][--ah-----]C:\WINDOWS\tasks\A1422D289185A8A8.job
    [20/08/2007 16:57][--ah-----]C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
    [06/08/2005 20:21][--a------]C:\WINDOWS\tasks\Connexion Facile … Internet.job
    [21/09/2003 09:45][-rah-----]C:\WINDOWS\tasks\desktop.ini
    [27/12/2007 17:59][--ah-----]C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Adverts
    C:\Program Files\Alwil Software
    C:\Program Files\Avira
    C:\Program Files\CCleaner
    C:\Program Files\Clcd16.dll
    C:\Program Files\Clcd32.dll
    C:\Program Files\Clokspl.exe
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\CreativeShimCorn
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\Docs
    C:\Program Files\Downloads
    C:\Program Files\Dplayerx.dll
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\Every Toolbar 1.1
    C:\Program Files\Fichiers communs
    C:\Program Files\Free.fr
    C:\Program Files\GameData
    C:\Program Files\Google
    C:\Program Files\honestech
    C:\Program Files\HP
    C:\Program Files\HP Pavilion PC Help
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\InterVideo
    C:\Program Files\Java
    C:\Program Files\Lop SD
    C:\Program Files\Ludiclub
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Microsoft ActiveSync
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft LifeCam
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Picture It! 9
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Montorgueil
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Apps
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSN Toolbar Suite
    C:\Program Files\MSXML 4.0
    C:\Program Files\MyWay
    C:\Program Files\Need2Find
    C:\Program Files\NetMeeting
    C:\Program Files\Outlook Express
    C:\Program Files\Packard Bell Magic Movie
    C:\Program Files\PhotoFiltre
    C:\Program Files\Real
    C:\Program Files\Seekmo
    C:\Program Files\Services en ligne
    C:\Program Files\Tantrum
    C:\Program Files\Trend Micro
    C:\Program Files\Ulead Systems
    C:\Program Files\VeriSign
    C:\Program Files\VideoKeyCodec
    C:\Program Files\VirtualDJ
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\carhbbnl
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\InterVideo
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Sonic
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Totem Shared
    C:\Program Files\Fichiers communs\Ulead Systems
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé ! )

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Adverts
    C:\WINDOWS\Tasks\A1422D289185A8A8.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 18:29:06
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 18:29:18,82 ]----------------------
    27 Décembre 2007 18:34:06

    j'ai poster le rapport de lop s&d
    oui je peux utiliser ce lien
    a b 8 Sécurité
    27 Décembre 2007 18:35:10

    C'est LopS&D dans une version plus récente :) 
    27 Décembre 2007 18:41:12

    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 18:42:26,12 ] [ NOM-W8KZ05N5F7S ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Dale Road Date Fast
    C:\Documents and Settings\All Users\APPLIC~1\addr_file.html
    C:\Documents and Settings\All Users\APPLIC~1\Avira
    C:\Documents and Settings\All Users\APPLIC~1\ford does hold option
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\idle wma bin ford
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Avg7
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\Ulead Systems
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\InterVideo
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\SBSI
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\SampleView
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Sonic
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Symantec

    C:\Documents and Settings\eMule_Secure\APPLIC~1\Microsoft
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Real
    C:\Documents and Settings\eMule_Secure\APPLIC~1\SampleView
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sonic
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sun
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Identities
    C:\Documents and Settings\eMule_Secure\APPLIC~1\desktop.ini
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Symantec

    C:\Documents and Settings\le parain\APPLIC~1\Adobe
    C:\Documents and Settings\le parain\APPLIC~1\Google
    C:\Documents and Settings\le parain\APPLIC~1\Microsoft
    C:\Documents and Settings\le parain\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\le parain\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\le parain\APPLIC~1\Real
    C:\Documents and Settings\le parain\APPLIC~1\AdobeUM
    C:\Documents and Settings\le parain\APPLIC~1\Macromedia
    C:\Documents and Settings\le parain\APPLIC~1\SampleView
    C:\Documents and Settings\le parain\APPLIC~1\Sonic
    C:\Documents and Settings\le parain\APPLIC~1\Sun
    C:\Documents and Settings\le parain\APPLIC~1\Identities
    C:\Documents and Settings\le parain\APPLIC~1\desktop.ini
    C:\Documents and Settings\le parain\APPLIC~1\Symantec

    C:\Documents and Settings\LocalService\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\maman\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\maman\APPLIC~1\MSN6
    C:\Documents and Settings\maman\APPLIC~1\Motive
    C:\Documents and Settings\maman\APPLIC~1\Google
    C:\Documents and Settings\maman\APPLIC~1\Microsoft
    C:\Documents and Settings\maman\APPLIC~1\Real
    C:\Documents and Settings\maman\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\maman\APPLIC~1\Macromedia
    C:\Documents and Settings\maman\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\maman\APPLIC~1\SampleView
    C:\Documents and Settings\maman\APPLIC~1\Sonic
    C:\Documents and Settings\maman\APPLIC~1\Sun
    C:\Documents and Settings\maman\APPLIC~1\Identities
    C:\Documents and Settings\maman\APPLIC~1\desktop.ini
    C:\Documents and Settings\maman\APPLIC~1\Symantec

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Macromedia
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\Propri‚taire\APPLIC~1\CreativeShimCorn
    C:\Documents and Settings\Propri‚taire\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Propri‚taire\APPLIC~1\U3
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Adobe
    C:\Documents and Settings\Propri‚taire\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Microsoft
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Google
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Leadertech
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeDLM.log
    C:\Documents and Settings\Propri‚taire\APPLIC~1\dm.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Macromedia
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\Propri‚taire\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Real
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN6
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Help
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeUM
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sonic
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Motive
    C:\Documents and Settings\Propri‚taire\APPLIC~1\InterVideo
    C:\Documents and Settings\Propri‚taire\APPLIC~1\SampleView
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sun
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Identities
    C:\Documents and Settings\Propri‚taire\APPLIC~1\desktop.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Symantec

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [27/12/2007 18:00][--ah-----]C:\WINDOWS\tasks\A1422D289185A8A8.job
    [20/08/2007 16:57][--ah-----]C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
    [06/08/2005 20:21][--a------]C:\WINDOWS\tasks\Connexion Facile … Internet.job
    [21/09/2003 09:45][-rah-----]C:\WINDOWS\tasks\desktop.ini
    [27/12/2007 17:59][--ah-----]C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Adverts
    C:\Program Files\Alwil Software
    C:\Program Files\Avira
    C:\Program Files\CCleaner
    C:\Program Files\Clcd16.dll
    C:\Program Files\Clcd32.dll
    C:\Program Files\Clokspl.exe
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\CreativeShimCorn
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\Docs
    C:\Program Files\Downloads
    C:\Program Files\Dplayerx.dll
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\Every Toolbar 1.1
    C:\Program Files\Fichiers communs
    C:\Program Files\Free.fr
    C:\Program Files\GameData
    C:\Program Files\Google
    C:\Program Files\honestech
    C:\Program Files\HP
    C:\Program Files\HP Pavilion PC Help
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\InterVideo
    C:\Program Files\Java
    C:\Program Files\Lop SD
    C:\Program Files\Ludiclub
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Microsoft ActiveSync
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft LifeCam
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Picture It! 9
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Montorgueil
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Apps
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSN Toolbar Suite
    C:\Program Files\MSXML 4.0
    C:\Program Files\MyWay
    C:\Program Files\Need2Find
    C:\Program Files\NetMeeting
    C:\Program Files\Outlook Express
    C:\Program Files\Packard Bell Magic Movie
    C:\Program Files\PhotoFiltre
    C:\Program Files\Real
    C:\Program Files\Seekmo
    C:\Program Files\Services en ligne
    C:\Program Files\Tantrum
    C:\Program Files\Trend Micro
    C:\Program Files\Ulead Systems
    C:\Program Files\VeriSign
    C:\Program Files\VideoKeyCodec
    C:\Program Files\VirtualDJ
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\carhbbnl
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\InterVideo
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Sonic
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Totem Shared
    C:\Program Files\Fichiers communs\Ulead Systems
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Documents and Settings\Propri‚taire\APPLIC~1\CreativeShimCorn\bolt tons cast love.exe
    C:\Documents and Settings\Propri‚taire\APPLIC~1\CREATI~1
    C:\Program Files\CREATI~1

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Adverts
    C:\WINDOWS\Tasks\A1422D289185A8A8.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "view readme"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\CREATI~1\\chicplay.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost
    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 18:43:18
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 18:43:30,34 ]----------------------
    a b 8 Sécurité
    27 Décembre 2007 19:11:14

    On supprime :) 

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    28 Décembre 2007 18:54:00

    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 28/12/2007 | 18:53:55,59 ] [ NOM-W8KZ05N5F7S ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\WINDOWS\Tasks\A1422D289185A8A8.job
    Supprimé! - C:\Program Files\Adverts
    Supprimé! - C:\Documents and Settings\Propri‚taire\APPLIC~1\CreativeShimCorn\bolt tons cast love.exe
    Supprimé! - C:\Documents and Settings\Propri‚taire\APPLIC~1\CREATI~1
    Supprimé! - C:\Program Files\CREATI~1
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Dale Road Date Fast
    C:\Documents and Settings\All Users\APPLIC~1\addr_file.html
    C:\Documents and Settings\All Users\APPLIC~1\Avira
    C:\Documents and Settings\All Users\APPLIC~1\ford does hold option
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\idle wma bin ford
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Avg7
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\Ulead Systems
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\InterVideo
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\SBSI
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\SampleView
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Sonic
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Symantec

    C:\Documents and Settings\eMule_Secure\APPLIC~1\Microsoft
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Real
    C:\Documents and Settings\eMule_Secure\APPLIC~1\SampleView
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sonic
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Sun
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Identities
    C:\Documents and Settings\eMule_Secure\APPLIC~1\desktop.ini
    C:\Documents and Settings\eMule_Secure\APPLIC~1\Symantec

    C:\Documents and Settings\le parain\APPLIC~1\Adobe
    C:\Documents and Settings\le parain\APPLIC~1\Google
    C:\Documents and Settings\le parain\APPLIC~1\Microsoft
    C:\Documents and Settings\le parain\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\le parain\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\le parain\APPLIC~1\Real
    C:\Documents and Settings\le parain\APPLIC~1\AdobeUM
    C:\Documents and Settings\le parain\APPLIC~1\Macromedia
    C:\Documents and Settings\le parain\APPLIC~1\SampleView
    C:\Documents and Settings\le parain\APPLIC~1\Sonic
    C:\Documents and Settings\le parain\APPLIC~1\Sun
    C:\Documents and Settings\le parain\APPLIC~1\Identities
    C:\Documents and Settings\le parain\APPLIC~1\desktop.ini
    C:\Documents and Settings\le parain\APPLIC~1\Symantec

    C:\Documents and Settings\LocalService\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\maman\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\maman\APPLIC~1\MSN6
    C:\Documents and Settings\maman\APPLIC~1\Motive
    C:\Documents and Settings\maman\APPLIC~1\Google
    C:\Documents and Settings\maman\APPLIC~1\Microsoft
    C:\Documents and Settings\maman\APPLIC~1\Real
    C:\Documents and Settings\maman\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\maman\APPLIC~1\Macromedia
    C:\Documents and Settings\maman\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\maman\APPLIC~1\SampleView
    C:\Documents and Settings\maman\APPLIC~1\Sonic
    C:\Documents and Settings\maman\APPLIC~1\Sun
    C:\Documents and Settings\maman\APPLIC~1\Identities
    C:\Documents and Settings\maman\APPLIC~1\desktop.ini
    C:\Documents and Settings\maman\APPLIC~1\Symantec

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Macromedia
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\Propri‚taire\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Propri‚taire\APPLIC~1\U3
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Adobe
    C:\Documents and Settings\Propri‚taire\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Microsoft
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Google
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Leadertech
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeDLM.log
    C:\Documents and Settings\Propri‚taire\APPLIC~1\dm.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Macromedia
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN Search Toolbar
    C:\Documents and Settings\Propri‚taire\APPLIC~1\$_hpcst$.hpc
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Real
    C:\Documents and Settings\Propri‚taire\APPLIC~1\MSN6
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Help
    C:\Documents and Settings\Propri‚taire\APPLIC~1\AdobeUM
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sonic
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Motive
    C:\Documents and Settings\Propri‚taire\APPLIC~1\InterVideo
    C:\Documents and Settings\Propri‚taire\APPLIC~1\SampleView
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Sun
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Identities
    C:\Documents and Settings\Propri‚taire\APPLIC~1\desktop.ini
    C:\Documents and Settings\Propri‚taire\APPLIC~1\Symantec

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [20/08/2007 16:57][--ah-----]C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
    [06/08/2005 20:21][--a------]C:\WINDOWS\tasks\Connexion Facile … Internet.job
    [21/09/2003 09:45][-rah-----]C:\WINDOWS\tasks\desktop.ini
    [28/12/2007 18:48][--ah-----]C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Alwil Software
    C:\Program Files\Avira
    C:\Program Files\CCleaner
    C:\Program Files\Clcd16.dll
    C:\Program Files\Clcd32.dll
    C:\Program Files\Clokspl.exe
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\Docs
    C:\Program Files\Downloads
    C:\Program Files\Dplayerx.dll
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\Every Toolbar 1.1
    C:\Program Files\Fichiers communs
    C:\Program Files\Free.fr
    C:\Program Files\GameData
    C:\Program Files\Google
    C:\Program Files\honestech
    C:\Program Files\HP
    C:\Program Files\HP Pavilion PC Help
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\InterVideo
    C:\Program Files\Java
    C:\Program Files\Lop SD
    C:\Program Files\Ludiclub
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Microsoft ActiveSync
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft LifeCam
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Picture It! 9
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Montorgueil
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Apps
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSN Toolbar Suite
    C:\Program Files\MSXML 4.0
    C:\Program Files\MyWay
    C:\Program Files\Need2Find
    C:\Program Files\NetMeeting
    C:\Program Files\Outlook Express
    C:\Program Files\Packard Bell Magic Movie
    C:\Program Files\PhotoFiltre
    C:\Program Files\Real
    C:\Program Files\Seekmo
    C:\Program Files\Services en ligne
    C:\Program Files\Tantrum
    C:\Program Files\Trend Micro
    C:\Program Files\Ulead Systems
    C:\Program Files\VeriSign
    C:\Program Files\VideoKeyCodec
    C:\Program Files\VirtualDJ
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\carhbbnl
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\InterVideo
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Sonic
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Totem Shared
    C:\Program Files\Fichiers communs\Ulead Systems
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------


    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-28 18:55:13
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !
    a b 8 Sécurité
    28 Décembre 2007 18:57:18

    Re,

    Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
    Sélectionne tous les emplacements dans le cadre ci-dessous :

    C:\Documents and Settings\All Users\APPLIC~1\Dale Road Date Fast
    C:\Documents and Settings\All Users\APPLIC~1\ford does hold option
    C:\Documents and Settings\All Users\APPLIC~1\idle wma bin ford
    C:\Program Files\MyWay
    C:\Program Files\Need2Find

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    28 Décembre 2007 19:08:56

    C:\Documents and Settings\All Users\APPLIC~1\Dale Road Date Fast moved successfully.
    C:\Documents and Settings\All Users\APPLIC~1\ford does hold option moved successfully.
    C:\Documents and Settings\All Users\APPLIC~1\idle wma bin ford moved successfully.
    C:\Program Files\MyWay\myBar\Settings moved successfully.
    Folder move failed. C:\Program Files\MyWay\myBar\History\search scheduled to be moved on reboot.
    C:\Program Files\MyWay\myBar\History moved successfully.
    Folder move failed. C:\Program Files\MyWay\myBar\Cache\006C5E01 scheduled to be moved on reboot.
    C:\Program Files\MyWay\myBar\Cache moved successfully.
    C:\Program Files\MyWay\myBar moved successfully.
    C:\Program Files\MyWay moved successfully.
    C:\Program Files\Need2Find\bar\Settings moved successfully.
    Folder move failed. C:\Program Files\Need2Find\bar\History\search scheduled to be moved on reboot.
    C:\Program Files\Need2Find\bar\History moved successfully.
    Folder move failed. C:\Program Files\Need2Find\bar\Cache\025C16BA scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Need2Find\bar\Cache\025B8557 scheduled to be moved on reboot.
    Folder move failed. C:\Program Files\Need2Find\bar\Cache\025B80D3 scheduled to be moved on reboot.
    C:\Program Files\Need2Find\bar\Cache moved successfully.
    C:\Program Files\Need2Find\bar moved successfully.
    C:\Program Files\Need2Find moved successfully.
    File/Folder not found.

    Created on 12/28/2007 19:04:49
    a b 8 Sécurité
    28 Décembre 2007 19:18:50

    Reposte un rapport Hijackthis.
    28 Décembre 2007 19:21:16

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:23:43, on 28/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\System32\nvsvc32.exe
    c:\fotowin\RTETPISv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\vVX1000.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.gophersearch.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ODBCJET.exe,
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
    O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
    O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://dl.ad-ware.cc/IgcsgJzLOnw4rtzAEhpG.chm::/on-line...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDe...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: RTE : Partage TAPI (RTETAPIService) - RTE Software - c:\fotowin\RTETPISv.exe

    --
    End of file - 9083 bytes
    a b 8 Sécurité
    28 Décembre 2007 19:39:13

    Re,

    Télécharge Clean.zip (de Malekal),
    Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
    30 Décembre 2007 16:18:38

    30/12/2007 a 16:19:14,25

    *** Recherche des fichiers dans C:
    C:\StubInstaller.exe FOUND

    *** Recherche des fichiers dans C:\WINDOWS\
    C:\WINDOWS\ALCXMNTR.EXE FOUND

    *** Recherche des fichiers dans C:\WINDOWS\system32

    *** Recherche des fichiers dans C:\Program Files
    "C:\Program Files\Fichiers communs\Totem Shared\" FOUND
    "C:\Program Files\Every Toolbar 1.1\" FOUND
    "C:\Program Files\Montorgueil\" FOUND
    "C:\Program Files\Montorgueil\" FOUND
    "C:\Program Files\seekmo\" FOUND
    "C:\Program Files\Seekmo\" FOUND
    a b 8 Sécurité
    30 Décembre 2007 20:15:45

    Re,

    [#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::

    Registry::


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    11 Janvier 2008 19:54:32

    excusez moi du retard !!!
    je n'ai pas combofix !!! c'est normal ?
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS