Your question

How to remove CiD ads

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
8 January 2008 19:18:01

Hello, for a short while now I have been overrun with ads that have CiD in the header.
Can you help me?
Attached is the HijackThis report.
Thank you

Logfile of HijackThis v1.99.1
Scan saved at 18:26:40, on 08/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BDOSCAN8\IEXPLORE.EXE
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Borland\InterBase\Bin\ibguard.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Borland\InterBase\Bin\ibserver.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\LightSurf\Common\IconMgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\LightSurf\Colorific\hgcctl95.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\LightSurf\Color Indicator\TICIcon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\System32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [USBToolTip] "D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\body axis.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID {DA9935BA-22F7-44ee-BD12-BD8B87700BEA}
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: LightSurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Pense-bête.lnk = D:\PrintMaster\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/a...
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://tours.trafic.ville.wanadoo.fr/Common/activex/Axi...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/i...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: DirectX Service (DirectCohr) - Unknown owner - c:\windows\system32\directx.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibserver.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

8 January 2008 19:20:53

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Recherche)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    8 January 2008 19:40:53

    Thank you for your quick reply

    So here is the report

    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 08/01/2008 | 19:37:23,65 ] [ TONDUSSO-0MMCO3 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
    C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft

    C:\Documents and Settings\All Users\APPLIC~1\Bags Plus Online Chin
    C:\Documents and Settings\All Users\APPLIC~1\Windows Live Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\VMware
    C:\Documents and Settings\All Users\APPLIC~1\TechSmith
    C:\Documents and Settings\All Users\APPLIC~1\ezsid.dat
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\nHancer
    C:\Documents and Settings\All Users\APPLIC~1\NVIDIA
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Creative
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\WinAntiVirus Pro 2006
    C:\Documents and Settings\All Users\APPLIC~1\Trymedia
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Emjysoft
    C:\Documents and Settings\All Users\APPLIC~1\UDL
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\DVD Shrink
    C:\Documents and Settings\All Users\APPLIC~1\Ciel
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\HP
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Logitech
    C:\Documents and Settings\All Users\APPLIC~1\SmartSound Software Inc
    C:\Documents and Settings\All Users\APPLIC~1\Pinnacle
    C:\Documents and Settings\All Users\APPLIC~1\Macrovision
    C:\Documents and Settings\All Users\APPLIC~1\Ahead
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\Knowledge Adventure
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime

    C:\Documents and Settings\Christ\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Christ\APPLIC~1\Microsoft
    C:\Documents and Settings\Christ\APPLIC~1\Skype
    C:\Documents and Settings\Christ\APPLIC~1\skypePM
    C:\Documents and Settings\Christ\APPLIC~1\AquaNox
    C:\Documents and Settings\Christ\APPLIC~1\Sun
    C:\Documents and Settings\Christ\APPLIC~1\Adobe
    C:\Documents and Settings\Christ\APPLIC~1\fltk.org
    C:\Documents and Settings\Christ\APPLIC~1\LimeWire
    C:\Documents and Settings\Christ\APPLIC~1\Styler
    C:\Documents and Settings\Christ\APPLIC~1\Stardock
    C:\Documents and Settings\Christ\APPLIC~1\gtopala
    C:\Documents and Settings\Christ\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Christ\APPLIC~1\TaoUSign
    C:\Documents and Settings\Christ\APPLIC~1\Creative
    C:\Documents and Settings\Christ\APPLIC~1\AdobeUM
    C:\Documents and Settings\Christ\APPLIC~1\DivX
    C:\Documents and Settings\Christ\APPLIC~1\MSN6
    C:\Documents and Settings\Christ\APPLIC~1\Emjysoft
    C:\Documents and Settings\Christ\APPLIC~1\EPSON
    C:\Documents and Settings\Christ\APPLIC~1\Ahead
    C:\Documents and Settings\Christ\APPLIC~1\Leadertech
    C:\Documents and Settings\Christ\APPLIC~1\HP
    C:\Documents and Settings\Christ\APPLIC~1\Common Files
    C:\Documents and Settings\Christ\APPLIC~1\Google
    C:\Documents and Settings\Christ\APPLIC~1\Real
    C:\Documents and Settings\Christ\APPLIC~1\Apple Computer
    C:\Documents and Settings\Christ\APPLIC~1\Macromedia
    C:\Documents and Settings\Christ\APPLIC~1\NeroVision
    C:\Documents and Settings\Christ\APPLIC~1\CyberLink
    C:\Documents and Settings\Christ\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Christ\APPLIC~1\Help
    C:\Documents and Settings\Christ\APPLIC~1\Logitech
    C:\Documents and Settings\Christ\APPLIC~1\Lavasoft
    C:\Documents and Settings\Christ\APPLIC~1\Identities
    C:\Documents and Settings\Christ\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Hugo\APPLIC~1\Microsoft
    C:\Documents and Settings\Hugo\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Hugo\APPLIC~1\Lavasoft
    C:\Documents and Settings\Hugo\APPLIC~1\Styler
    C:\Documents and Settings\Hugo\APPLIC~1\Creative
    C:\Documents and Settings\Hugo\APPLIC~1\DivX
    C:\Documents and Settings\Hugo\APPLIC~1\Adobe
    C:\Documents and Settings\Hugo\APPLIC~1\Real
    C:\Documents and Settings\Hugo\APPLIC~1\Macromedia
    C:\Documents and Settings\Hugo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Hugo\APPLIC~1\Logitech
    C:\Documents and Settings\Hugo\APPLIC~1\Identities
    C:\Documents and Settings\Hugo\APPLIC~1\desktop.ini

    C:\Documents and Settings\LocalService\APPLIC~1\VMware
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Webroot

    C:\Documents and Settings\NetworkService\APPLIC~1\VMware
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec
    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    C:\Documents and Settings\Théo\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Théo\APPLIC~1\SparkleXP
    C:\Documents and Settings\Théo\APPLIC~1\Microsoft
    C:\Documents and Settings\Théo\APPLIC~1\VMware
    C:\Documents and Settings\Théo\APPLIC~1\Adobe
    C:\Documents and Settings\Théo\APPLIC~1\fltk.org
    C:\Documents and Settings\Théo\APPLIC~1\Styler
    C:\Documents and Settings\Théo\APPLIC~1\CyberLink
    C:\Documents and Settings\Théo\APPLIC~1\Logitech
    C:\Documents and Settings\Théo\APPLIC~1\Help
    C:\Documents and Settings\Théo\APPLIC~1\Creative
    C:\Documents and Settings\Théo\APPLIC~1\Sierra
    C:\Documents and Settings\Théo\APPLIC~1\DivX
    C:\Documents and Settings\Théo\APPLIC~1\MSN6
    C:\Documents and Settings\Théo\APPLIC~1\Ahead
    C:\Documents and Settings\Théo\APPLIC~1\Google
    C:\Documents and Settings\Théo\APPLIC~1\Emjysoft
    C:\Documents and Settings\Théo\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Théo\APPLIC~1\AdobeUM
    C:\Documents and Settings\Théo\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Théo\APPLIC~1\Webroot
    C:\Documents and Settings\Théo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Théo\APPLIC~1\Symantec
    C:\Documents and Settings\Théo\APPLIC~1\Real
    C:\Documents and Settings\Théo\APPLIC~1\Macromedia
    C:\Documents and Settings\Théo\APPLIC~1\The Labyrinth Plus! Edition
    C:\Documents and Settings\Théo\APPLIC~1\Identities
    C:\Documents and Settings\Théo\APPLIC~1\desktop.ini

    C:\Documents and Settings\véro_2\APPLIC~1\Skype
    C:\Documents and Settings\véro_2\APPLIC~1\skypePM
    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug
    C:\Documents and Settings\véro_2\APPLIC~1\Microsoft
    C:\Documents and Settings\véro_2\APPLIC~1\Lavasoft
    C:\Documents and Settings\véro_2\APPLIC~1\Sun
    C:\Documents and Settings\véro_2\APPLIC~1\Ahead
    C:\Documents and Settings\véro_2\APPLIC~1\Styler
    C:\Documents and Settings\véro_2\APPLIC~1\Creative
    C:\Documents and Settings\véro_2\APPLIC~1\Adobe
    C:\Documents and Settings\véro_2\APPLIC~1\DivX
    C:\Documents and Settings\véro_2\APPLIC~1\MSN6
    C:\Documents and Settings\véro_2\APPLIC~1\Emjysoft
    C:\Documents and Settings\véro_2\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\véro_2\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\véro_2\APPLIC~1\Help
    C:\Documents and Settings\véro_2\APPLIC~1\Apple Computer
    C:\Documents and Settings\véro_2\APPLIC~1\AdobeUM
    C:\Documents and Settings\véro_2\APPLIC~1\Macromedia
    C:\Documents and Settings\véro_2\APPLIC~1\Real
    C:\Documents and Settings\véro_2\APPLIC~1\Identities
    C:\Documents and Settings\véro_2\APPLIC~1\Logitech
    C:\Documents and Settings\véro_2\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [08/01/2008 19:00][--ah-----]C:\WINDOWS\tasks\A9D28D9791853DAB.job
    [08/01/2008 19:00][--ah-----]C:\WINDOWS\tasks\B463DCD691344EEE.job
    [08/01/2008 19:00][--ah-----]C:\WINDOWS\tasks\A5782174919FDC34.job
    [08/01/2008 18:22][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [24/04/2003 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Ahead
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\ArcSoft
    C:\Program Files\Audacity
    C:\Program Files\Axis Communications
    C:\Program Files\Borland
    C:\Program Files\BurnInTest
    C:\Program Files\CCleaner
    C:\Program Files\C-Media 3D Audio
    C:\Program Files\Common Files
    C:\Program Files\Creative
    C:\Program Files\CyberLink
    C:\Program Files\CyberLink DVD Solution
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\dog nurb debug
    C:\Program Files\DOSBox-0.65
    C:\Program Files\DOSBox-0.70
    C:\Program Files\DVD Decrypter
    C:\Program Files\DVD Shrink
    C:\Program Files\EPSON
    C:\Program Files\Fichiers communs
    C:\Program Files\GALLIMARD
    C:\Program Files\Hercules
    C:\Program Files\HighMAT CD Writing Wizard
    C:\Program Files\Hijackthis Version Française
    C:\Program Files\iColorFolder
    C:\Program Files\IncrediMail
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavalys
    C:\Program Files\LightSurf
    C:\Program Files\LiveUpdate
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Micro Application
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Money
    C:\Program Files\Microsoft Money 2005
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Plus!
    C:\Program Files\Microsoft Virtual PC Trial
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\Multi_Media
    C:\Program Files\MultiMedia Toolbar
    C:\Program Files\MUSICMATCH
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\Norton SystemWorks
    C:\Program Files\OfficeUpdate11
    C:\Program Files\OO Software
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\Pinnacle
    C:\Program Files\Player Metaboli
    C:\Program Files\PROMT5
    C:\Program Files\QuickTime
    C:\Program Files\Real
    C:\Program Files\RegCleaner
    C:\Program Files\SAGEM
    C:\Program Files\Serif
    C:\Program Files\Services en ligne
    C:\Program Files\Shockwave.com
    C:\Program Files\Sierra On-Line
    C:\Program Files\SightSpeed
    C:\Program Files\SiSLan
    C:\Program Files\SkinMaker1.1
    C:\Program Files\Skype
    C:\Program Files\SmartSound Software
    C:\Program Files\StofWare
    C:\Program Files\Symantec
    C:\Program Files\SystemRequirementsLab
    C:\Program Files\TestLAB 2003 Express
    C:\Program Files\TGTSoft
    C:\Program Files\TryMedia
    C:\Program Files\Ubisoft
    C:\Program Files\UNWISE.EXE
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Wanadoo Photo
    C:\Program Files\WinASPI
    C:\Program Files\Windows Live Safety Center
    C:\Program Files\Windows Live Toolbar
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Wise Installation Wizard
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Documents and Settings\Hugo\APPLIC~1\dog nurb debug\boob spam cast fork.exe
    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug\boob spam cast fork.exe
    C:\Documents and Settings\Hugo\APPLIC~1\DOGNUR~1
    C:\Program Files\DOGNUR~1
    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Multi_Media
    C:\WINDOWS\Tasks\A5782174919FDC34.job
    C:\WINDOWS\Tasks\A9D28D9791853DAB.job
    C:\WINDOWS\Tasks\B463DCD691344EEE.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-08 19:39:20
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\xdjfjszc_navps.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 19:39:34,53 ]----------------------
    8 January 2008 19:45:17

    Re,

    Run Lop S&D again

  • This time choose Option 2 (Suppression)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    8 January 2008 20:03:11

    Search Navipromo version 3.3.9 commencé le 08/01/2008 à 19:26:15,40

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 06.01.2008 à 20h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***




    *** Recherche dossiers dans C:\WINDOWS ***



    *** Recherche dossiers dans C:\Program Files ***



    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




    *** Recherche dossiers dans "C:\Documents and Settings\Christ\application data" ***



    *** Recherche dossiers dans "C:\Documents and Settings\Christ\MENUDM~1\PROGRA~1" ***


    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    * Recherche dans "C:\Documents and Settings\Christ\local settings\application data" *



    *** Recherche fichiers ***




    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans C:\WINDOWS\system32 :


    * Dans "C:\Documents and Settings\Christ\local settings\application data" :


    3)Recherche Certificats :

    Certificat Egroup absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 08/01/2008 à 19:34:15,73 ***
    8 January 2008 20:03:58

    Uh... that's not what I asked for...
    8 January 2008 20:06:51

    Sorry, I posted the wrong report, here is the right one

    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 08/01/2008 | 19:52:29,95 ] [ TONDUSSO-0MMCO3 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\WINDOWS\Tasks\A5782174919FDC34.job
    Supprimé! - C:\WINDOWS\Tasks\A9D28D9791853DAB.job
    Supprimé! - C:\WINDOWS\Tasks\B463DCD691344EEE.job
    Supprimé! - C:\Program Files\Multi_Media
    Supprimé! - C:\Documents and Settings\Hugo\APPLIC~1\dog nurb debug\boob spam cast fork.exe
    Supprimé! - C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug\boob spam cast fork.exe
    Supprimé! - C:\Documents and Settings\Hugo\APPLIC~1\DOGNUR~1
    Supprimé! - C:\Program Files\DOGNUR~1
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
    C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft

    C:\Documents and Settings\All Users\APPLIC~1\Bags Plus Online Chin
    C:\Documents and Settings\All Users\APPLIC~1\Windows Live Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\VMware
    C:\Documents and Settings\All Users\APPLIC~1\TechSmith
    C:\Documents and Settings\All Users\APPLIC~1\ezsid.dat
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\nHancer
    C:\Documents and Settings\All Users\APPLIC~1\NVIDIA
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Creative
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\WinAntiVirus Pro 2006
    C:\Documents and Settings\All Users\APPLIC~1\Trymedia
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Emjysoft
    C:\Documents and Settings\All Users\APPLIC~1\UDL
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\DVD Shrink
    C:\Documents and Settings\All Users\APPLIC~1\Ciel
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\HP
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Logitech
    C:\Documents and Settings\All Users\APPLIC~1\SmartSound Software Inc
    C:\Documents and Settings\All Users\APPLIC~1\Pinnacle
    C:\Documents and Settings\All Users\APPLIC~1\Macrovision
    C:\Documents and Settings\All Users\APPLIC~1\Ahead
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\Knowledge Adventure
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime

    C:\Documents and Settings\Christ\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Christ\APPLIC~1\Microsoft
    C:\Documents and Settings\Christ\APPLIC~1\Skype
    C:\Documents and Settings\Christ\APPLIC~1\skypePM
    C:\Documents and Settings\Christ\APPLIC~1\AquaNox
    C:\Documents and Settings\Christ\APPLIC~1\Sun
    C:\Documents and Settings\Christ\APPLIC~1\Adobe
    C:\Documents and Settings\Christ\APPLIC~1\fltk.org
    C:\Documents and Settings\Christ\APPLIC~1\LimeWire
    C:\Documents and Settings\Christ\APPLIC~1\Styler
    C:\Documents and Settings\Christ\APPLIC~1\Stardock
    C:\Documents and Settings\Christ\APPLIC~1\gtopala
    C:\Documents and Settings\Christ\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Christ\APPLIC~1\TaoUSign
    C:\Documents and Settings\Christ\APPLIC~1\Creative
    C:\Documents and Settings\Christ\APPLIC~1\AdobeUM
    C:\Documents and Settings\Christ\APPLIC~1\DivX
    C:\Documents and Settings\Christ\APPLIC~1\MSN6
    C:\Documents and Settings\Christ\APPLIC~1\Emjysoft
    C:\Documents and Settings\Christ\APPLIC~1\EPSON
    C:\Documents and Settings\Christ\APPLIC~1\Ahead
    C:\Documents and Settings\Christ\APPLIC~1\Leadertech
    C:\Documents and Settings\Christ\APPLIC~1\HP
    C:\Documents and Settings\Christ\APPLIC~1\Common Files
    C:\Documents and Settings\Christ\APPLIC~1\Google
    C:\Documents and Settings\Christ\APPLIC~1\Real
    C:\Documents and Settings\Christ\APPLIC~1\Apple Computer
    C:\Documents and Settings\Christ\APPLIC~1\Macromedia
    C:\Documents and Settings\Christ\APPLIC~1\NeroVision
    C:\Documents and Settings\Christ\APPLIC~1\CyberLink
    C:\Documents and Settings\Christ\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Christ\APPLIC~1\Help
    C:\Documents and Settings\Christ\APPLIC~1\Logitech
    C:\Documents and Settings\Christ\APPLIC~1\Lavasoft
    C:\Documents and Settings\Christ\APPLIC~1\Identities
    C:\Documents and Settings\Christ\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Hugo\APPLIC~1\Microsoft
    C:\Documents and Settings\Hugo\APPLIC~1\Lavasoft
    C:\Documents and Settings\Hugo\APPLIC~1\Styler
    C:\Documents and Settings\Hugo\APPLIC~1\Creative
    C:\Documents and Settings\Hugo\APPLIC~1\DivX
    C:\Documents and Settings\Hugo\APPLIC~1\Adobe
    C:\Documents and Settings\Hugo\APPLIC~1\Real
    C:\Documents and Settings\Hugo\APPLIC~1\Macromedia
    C:\Documents and Settings\Hugo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Hugo\APPLIC~1\Logitech
    C:\Documents and Settings\Hugo\APPLIC~1\Identities
    C:\Documents and Settings\Hugo\APPLIC~1\desktop.ini

    C:\Documents and Settings\LocalService\APPLIC~1\VMware
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Webroot

    C:\Documents and Settings\NetworkService\APPLIC~1\VMware
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec
    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    C:\Documents and Settings\Théo\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Théo\APPLIC~1\SparkleXP
    C:\Documents and Settings\Théo\APPLIC~1\Microsoft
    C:\Documents and Settings\Théo\APPLIC~1\VMware
    C:\Documents and Settings\Théo\APPLIC~1\Adobe
    C:\Documents and Settings\Théo\APPLIC~1\fltk.org
    C:\Documents and Settings\Théo\APPLIC~1\Styler
    C:\Documents and Settings\Théo\APPLIC~1\CyberLink
    C:\Documents and Settings\Théo\APPLIC~1\Logitech
    C:\Documents and Settings\Théo\APPLIC~1\Help
    C:\Documents and Settings\Théo\APPLIC~1\Creative
    C:\Documents and Settings\Théo\APPLIC~1\Sierra
    C:\Documents and Settings\Théo\APPLIC~1\DivX
    C:\Documents and Settings\Théo\APPLIC~1\MSN6
    C:\Documents and Settings\Théo\APPLIC~1\Ahead
    C:\Documents and Settings\Théo\APPLIC~1\Google
    C:\Documents and Settings\Théo\APPLIC~1\Emjysoft
    C:\Documents and Settings\Théo\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Théo\APPLIC~1\AdobeUM
    C:\Documents and Settings\Théo\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Théo\APPLIC~1\Webroot
    C:\Documents and Settings\Théo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Théo\APPLIC~1\Symantec
    C:\Documents and Settings\Théo\APPLIC~1\Real
    C:\Documents and Settings\Théo\APPLIC~1\Macromedia
    C:\Documents and Settings\Théo\APPLIC~1\The Labyrinth Plus! Edition
    C:\Documents and Settings\Théo\APPLIC~1\Identities
    C:\Documents and Settings\Théo\APPLIC~1\desktop.ini

    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug
    C:\Documents and Settings\véro_2\APPLIC~1\Skype
    C:\Documents and Settings\véro_2\APPLIC~1\skypePM
    C:\Documents and Settings\véro_2\APPLIC~1\Microsoft
    C:\Documents and Settings\véro_2\APPLIC~1\Lavasoft
    C:\Documents and Settings\véro_2\APPLIC~1\Sun
    C:\Documents and Settings\véro_2\APPLIC~1\Ahead
    C:\Documents and Settings\véro_2\APPLIC~1\Styler
    C:\Documents and Settings\véro_2\APPLIC~1\Creative
    C:\Documents and Settings\véro_2\APPLIC~1\Adobe
    C:\Documents and Settings\véro_2\APPLIC~1\DivX
    C:\Documents and Settings\véro_2\APPLIC~1\MSN6
    C:\Documents and Settings\véro_2\APPLIC~1\Emjysoft
    C:\Documents and Settings\véro_2\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\véro_2\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\véro_2\APPLIC~1\Help
    C:\Documents and Settings\véro_2\APPLIC~1\Apple Computer
    C:\Documents and Settings\véro_2\APPLIC~1\AdobeUM
    C:\Documents and Settings\véro_2\APPLIC~1\Macromedia
    C:\Documents and Settings\véro_2\APPLIC~1\Real
    C:\Documents and Settings\véro_2\APPLIC~1\Identities
    C:\Documents and Settings\véro_2\APPLIC~1\Logitech
    C:\Documents and Settings\véro_2\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [08/01/2008 18:22][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [24/04/2003 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Ahead
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\ArcSoft
    C:\Program Files\Audacity
    C:\Program Files\Axis Communications
    C:\Program Files\Borland
    C:\Program Files\BurnInTest
    C:\Program Files\CCleaner
    C:\Program Files\C-Media 3D Audio
    C:\Program Files\Common Files
    C:\Program Files\Creative
    C:\Program Files\CyberLink
    C:\Program Files\CyberLink DVD Solution
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DOSBox-0.65
    C:\Program Files\DOSBox-0.70
    C:\Program Files\DVD Decrypter
    C:\Program Files\DVD Shrink
    C:\Program Files\EPSON
    C:\Program Files\Fichiers communs
    C:\Program Files\GALLIMARD
    C:\Program Files\Hercules
    C:\Program Files\HighMAT CD Writing Wizard
    C:\Program Files\Hijackthis Version Française
    C:\Program Files\iColorFolder
    C:\Program Files\IncrediMail
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavalys
    C:\Program Files\LightSurf
    C:\Program Files\LiveUpdate
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Micro Application
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Money
    C:\Program Files\Microsoft Money 2005
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Plus!
    C:\Program Files\Microsoft Virtual PC Trial
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\MultiMedia Toolbar
    C:\Program Files\MUSICMATCH
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\Norton SystemWorks
    C:\Program Files\OfficeUpdate11
    C:\Program Files\OO Software
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\Pinnacle
    C:\Program Files\Player Metaboli
    C:\Program Files\PROMT5
    C:\Program Files\QuickTime
    C:\Program Files\Real
    C:\Program Files\RegCleaner
    C:\Program Files\SAGEM
    C:\Program Files\Serif
    C:\Program Files\Services en ligne
    C:\Program Files\Shockwave.com
    C:\Program Files\Sierra On-Line
    C:\Program Files\SightSpeed
    C:\Program Files\SiSLan
    C:\Program Files\SkinMaker1.1
    C:\Program Files\Skype
    C:\Program Files\SmartSound Software
    C:\Program Files\StofWare
    C:\Program Files\Symantec
    C:\Program Files\SystemRequirementsLab
    C:\Program Files\TestLAB 2003 Express
    C:\Program Files\TGTSoft
    C:\Program Files\TryMedia
    C:\Program Files\Ubisoft
    C:\Program Files\UNWISE.EXE
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Wanadoo Photo
    C:\Program Files\WinASPI
    C:\Program Files\Windows Live Safety Center
    C:\Program Files\Windows Live Toolbar
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Wise Installation Wizard
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------


    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-08 19:54:18
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\xdjfjszc_navps.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 19:54:31,82 ]----------------------
    8 January 2008 20:07:29

    Re,

    Double-click the Navilog1 shortcut on your Desktop.
    Follow the instructions. Then choose option 2 and confirm.
    Let yourself be guided and answer any questions.

    The utility will inform you that it is going to restart the computer.
    **Close all open windows and save your open personal documents**
    Now press a key, as requested.
    (if your PC does not restart automatically, do it manually)

    Wait until this message appears:
    "*** Nettoyage Termine le ..... ***"

    Notepad will open.
    Save the report so that you can find it again.
    Close Notepad. Your desktop will now reappear.

    NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
    Go to the "Processes" tab. Click File at the top left and choose "Run..."
    Type explorer and confirm.

    Post the report saved earlier (C:\cleannavi.txt)
    As well as a new HijackThis report.
    8 January 2008 20:37:32

    I ran option 2 of Navilog1 and I did not get the following message:
    "*** Nettoyage Termine le ..... ***" and Notepad did not appear.

    Here is the new HijackThis report.

    Logfile of HijackThis v1.99.1
    Scan saved at 20:36:15, on 08/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
    D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\WINDOWS\$NtUninstallMSCompPackV1$\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\WINDOWS\system32\E_S00RP1.EXE
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Borland\InterBase\Bin\ibguard.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\LightSurf\Common\IconMgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\LightSurf\Colorific\hgcctl95.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\SAgent4.exe
    C:\Program Files\LightSurf\Color Indicator\TICIcon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Borland\InterBase\Bin\ibserver.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\System32\PCLECoInst.dll",CheckUSBController
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
    O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
    O4 - HKLM\..\Run: [USBToolTip] "D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\body axis.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID {DA9935BA-22F7-44ee-BD12-BD8B87700BEA}
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: LightSurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Pense-bête.lnk = D:\PrintMaster\PrintMaster\PMREMIND.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx
    O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/a...
    O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://tours.trafic.ville.wanadoo.fr/Common/activex/Axi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/i...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: DirectX Service (DirectCohr) - Unknown owner - c:\windows\system32\directx.exe
    O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibguard.exe
    O23 - Service: InterBaseServer - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibserver.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    8 January 2008 23:23:02

    Here is the AntiVir report



    AntiVir PersonalEdition Classic
    Report file date: mardi 8 janvier 2008 21:32

    Scanning for 1017413 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: TONDUSSO-0MMCO3

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:27:17
    ANTIVIR2.VDF : 7.0.1.205 620544 Bytes 08/01/2008 20:27:17
    ANTIVIR3.VDF : 7.0.1.208 9728 Bytes 08/01/2008 20:27:17
    AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 08/01/2008 20:27:18
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.2 360488 Bytes 08/01/2008 20:27:18
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: I:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 8 janvier 2008 21:32

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned
    Scan process 'YzShadow.exe' - '1' Module(s) have been scanned
    Scan process 'UberIcon Manager.exe' - '1' Module(s) have been scanned
    Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
    Scan process 'TICIcon.exe' - '1' Module(s) have been scanned
    Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
    Scan process 'hgcctl95.exe' - '1' Module(s) have been scanned
    Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
    Scan process 'IconMgr.exe' - '1' Module(s) have been scanned
    Scan process 'dslmon.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'Reader_SL.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'qttask.exe' - '1' Module(s) have been scanned
    Scan process 'V0220Mon.exe' - '1' Module(s) have been scanned
    Scan process 'StartFX.exe' - '1' Module(s) have been scanned
    Scan process 'pinmenu.exe' - '1' Module(s) have been scanned
    Scan process 'CnxMon.exe' - '1' Module(s) have been scanned
    Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'USBTip.exe' - '1' Module(s) have been scanned
    Scan process 'E_FATIAEE.EXE' - '1' Module(s) have been scanned
    Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'mixer.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'ibserver.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SAgent4.exe' - '1' Module(s) have been scanned
    Scan process 'NOPDB.exe' - '1' Module(s) have been scanned
    Scan process 'slserv.exe' - '1' Module(s) have been scanned
    Scan process 'oodag.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'NPROTECT.EXE' - '1' Module(s) have been scanned
    Scan process 'ibguard.exe' - '1' Module(s) have been scanned
    Scan process 'E_S00RP1.EXE' - '1' Module(s) have been scanned
    Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    62 processes with 62 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!
    Boot sector 'E:\'
    [NOTE] No virus was found!
    Boot sector 'H:\'
    [NOTE] No virus was found!
    Boot sector 'I:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '52' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Théo\Application Data\dog nurb debug\boob spam cast fork.exe
    [DETECTION] Is the Trojan horse TR/Inject.PV
    [INFO] The file was moved to '47f2e08d.qua'!
    C:\Documents and Settings\Théo\Application Data\dog nurb debug\mnbgoyir.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5352
    [INFO] The file was moved to '47e5e08f.qua'!
    C:\Documents and Settings\Théo\Application Data\dog nurb debug\online tool.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47efe092.qua'!
    C:\Program Files\Lop SD\Backup-Lop\S-D\mhycdmtz.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47fce500.qua'!
    C:\Program Files\Lop SD\Backup-Lop\S-D\online tool.exe
    [DETECTION] Is the Trojan horse TR/Obfuscated.MW
    [INFO] The file was moved to '47efe50a.qua'!
    C:\Program Files\MultiMedia Toolbar\MultiMedia - Installer.exe
    [DETECTION] Contains detection pattern of the dropper DR/Shopper.L.8
    [INFO] The file was moved to '47efe5bd.qua'!
    C:\RECYCLER\NPROTECT\00001324.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [INFO] The file was moved to '47b3e5e4.qua'!
    C:\RECYCLER\NPROTECT\00001328.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47b3e5e8.qua'!
    C:\RECYCLER\NPROTECT\00001329.EXE
    [DETECTION] Is the Trojan horse TR/Obfuscated.MW
    [INFO] The file was moved to '47b3e5ec.qua'!
    C:\RECYCLER\NPROTECT\00002572.EXE
    [DETECTION] Is the Trojan horse TR/Inject.PV
    [INFO] The file was moved to '47b3e602.qua'!
    C:\RECYCLER\NPROTECT\00002575.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5352
    [INFO] The file was moved to '47b3e604.qua'!
    C:\RECYCLER\NPROTECT\00002578.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47b3e605.qua'!
    C:\RECYCLER\NPROTECT\00002581.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47b3e606.qua'!
    C:\RECYCLER\NPROTECT\00002584.EXE
    [DETECTION] Is the Trojan horse TR/Obfuscated.MW
    [INFO] The file was moved to '47b3e609.qua'!
    C:\RECYCLER\NPROTECT\00002587.EXE
    [DETECTION] Contains detection pattern of the dropper DR/Shopper.L.8
    [INFO] The file was moved to '47b3e60b.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP59\A0019514.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e60e.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP59\A0020516.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e616.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP63\A0022762.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e622.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP64\A0022872.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e628.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP64\A0022873.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e62a.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP64\A0022914.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e62d.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP66\A0023096.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47b3e638.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP66\A0023247.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
    [INFO] The file was moved to '47b3e63e.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP66\A0023424.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e642.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP67\A0023832.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47b3e64c.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP68\A0023844.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e651.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP75\A0023954.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [INFO] The file was moved to '47b3e65c.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP75\A0023955.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47b3e65f.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP75\A0024098.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [INFO] The file was moved to '47b3e667.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP75\A0024099.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5424
    [INFO] The file was moved to '47b3e668.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP75\A0024101.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5368
    [INFO] The file was moved to '47b3e66a.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP80\A0024587.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e67e.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP80\A0024626.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47b3e682.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP81\A0024640.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [INFO] The file was moved to '47b3e685.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP85\A0025414.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e69d.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP86\A0025443.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e6a2.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP86\A0025502.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47b3e6a8.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025565.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [INFO] The file was moved to '47b3e6ad.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025566.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47b3e6af.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025567.EXE
    [DETECTION] Is the Trojan horse TR/Obfuscated.MW
    [INFO] The file was moved to '47b3e6b1.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025568.EXE
    [DETECTION] Is the Trojan horse TR/Inject.PV
    [INFO] The file was moved to '47b3e6b3.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025569.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5352
    [INFO] The file was moved to '47b3e6b5.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025570.EXE
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5402
    [INFO] The file was moved to '47b3e6b7.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025571.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5437
    [INFO] The file was moved to '47b3e6b9.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025572.EXE
    [DETECTION] Is the Trojan horse TR/Obfuscated.MW
    [INFO] The file was moved to '47b3e6bb.qua'!
    C:\System Volume Information\_restore{8F06E46F-2C7B-453E-AD26-878B6D91DE6E}\RP87\A0025573.exe
    [DETECTION] Contains detection pattern of the dropper DR/Shopper.L.8
    [INFO] The file was moved to '47b3e6bc.qua'!
    C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\IEXPLORE.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47dbe747.qua'!
    C:\WINDOWS\$NtUninstallMSCompPackV1$\IEXPLORE.EXE
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47dbe74b.qua'!
    C:\WINDOWS\system32\directx.exe
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Rukap.BS.3 Backdoor server programs
    [INFO] The file was moved to '47f5eabe.qua'!
    C:\WINDOWS\system32\ksdaneximh.exe.ren
    [DETECTION] Is the Trojan horse TR/Dropper.Gen
    [INFO] The file was moved to '47e7eadf.qua'!
    C:\WINDOWS\system32\xdjfjszc.exe.ren
    [DETECTION] Is the Trojan horse TR/Dropper.Gen
    [INFO] The file was moved to '47edeb06.qua'!
    C:\WINDOWS\system32\zsegczsw.exe.ren
    [DETECTION] Is the Trojan horse TR/Dropper.Gen
    [INFO] The file was moved to '47e8eb19.qua'!
    C:\WINDOWS\system32\drivers\atapi.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd7005.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\'
    Begin scan in 'E:\'
    Begin scan in 'H:\'
    Begin scan in 'I:\'


    End of the scan: mardi 8 janvier 2008 23:18
    Used time: 1:46:30 min

    The scan has been done completely.

    12062 Scanning directories
    553180 Files were scanned
    52 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    52 files were moved to quarantine
    0 files were renamed
    5 Files cannot be scanned
    553128 Files not concerned
    3624 Archives were scanned
    9 Warnings
    11 Notes

    9 January 2008 13:19:04

    Post a new HijackThis report.
    9 January 2008 19:39:28

    Hello Angeldark,
    here is the HijackThis report, and thanks again for your help



    Logfile of HijackThis v1.99.1
    Scan saved at 19:37:13, on 09/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\E_S00RP1.EXE
    C:\Program Files\Borland\InterBase\Bin\ibguard.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\slserv.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\system32\SAgent4.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Borland\InterBase\Bin\ibserver.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\Mixer.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
    D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\WINDOWS\V0220Mon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\LightSurf\Common\IconMgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\Program Files\LightSurf\Colorific\hgcctl95.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\LightSurf\Color Indicator\TICIcon.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\System32\PCLECoInst.dll",CheckUSBController
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun
    O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
    O4 - HKLM\..\Run: [USBToolTip] "D:\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\body axis.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID {DA9935BA-22F7-44ee-BD12-BD8B87700BEA}
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: LightSurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Pense-bête.lnk = D:\PrintMaster\PrintMaster\PMREMIND.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx
    O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/pc/resources/a...
    O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://tours.trafic.ville.wanadoo.fr/Common/activex/Axi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/i...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: DirectX Service (DirectCohr) - Unknown owner - c:\windows\system32\directx.exe (file missing)
    O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibguard.exe
    O23 - Service: InterBaseServer - Inprise Corporation - C:\Program Files\Borland\InterBase\Bin\ibserver.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

    9 January 2008 20:18:03

    Run a LopS&D scan again, option 1 :)
    9 January 2008 20:32:21


    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 09/01/2008 | 20:29:27,68 ] [ TONDUSSO-0MMCO3 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
    C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft

    C:\Documents and Settings\All Users\APPLIC~1\addr_file.html
    C:\Documents and Settings\All Users\APPLIC~1\Avira
    C:\Documents and Settings\All Users\APPLIC~1\Bags Plus Online Chin
    C:\Documents and Settings\All Users\APPLIC~1\Windows Live Toolbar
    C:\Documents and Settings\All Users\APPLIC~1\VMware
    C:\Documents and Settings\All Users\APPLIC~1\TechSmith
    C:\Documents and Settings\All Users\APPLIC~1\ezsid.dat
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\nHancer
    C:\Documents and Settings\All Users\APPLIC~1\NVIDIA
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Creative
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\WinAntiVirus Pro 2006
    C:\Documents and Settings\All Users\APPLIC~1\Trymedia
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\Emjysoft
    C:\Documents and Settings\All Users\APPLIC~1\UDL
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\DVD Shrink
    C:\Documents and Settings\All Users\APPLIC~1\Ciel
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\HP
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Logitech
    C:\Documents and Settings\All Users\APPLIC~1\SmartSound Software Inc
    C:\Documents and Settings\All Users\APPLIC~1\Pinnacle
    C:\Documents and Settings\All Users\APPLIC~1\Macrovision
    C:\Documents and Settings\All Users\APPLIC~1\Ahead
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\Knowledge Adventure
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime

    C:\Documents and Settings\Christ\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Christ\APPLIC~1\Microsoft
    C:\Documents and Settings\Christ\APPLIC~1\Skype
    C:\Documents and Settings\Christ\APPLIC~1\skypePM
    C:\Documents and Settings\Christ\APPLIC~1\AquaNox
    C:\Documents and Settings\Christ\APPLIC~1\Sun
    C:\Documents and Settings\Christ\APPLIC~1\Adobe
    C:\Documents and Settings\Christ\APPLIC~1\fltk.org
    C:\Documents and Settings\Christ\APPLIC~1\LimeWire
    C:\Documents and Settings\Christ\APPLIC~1\Styler
    C:\Documents and Settings\Christ\APPLIC~1\Stardock
    C:\Documents and Settings\Christ\APPLIC~1\gtopala
    C:\Documents and Settings\Christ\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Christ\APPLIC~1\TaoUSign
    C:\Documents and Settings\Christ\APPLIC~1\Creative
    C:\Documents and Settings\Christ\APPLIC~1\AdobeUM
    C:\Documents and Settings\Christ\APPLIC~1\DivX
    C:\Documents and Settings\Christ\APPLIC~1\MSN6
    C:\Documents and Settings\Christ\APPLIC~1\Emjysoft
    C:\Documents and Settings\Christ\APPLIC~1\EPSON
    C:\Documents and Settings\Christ\APPLIC~1\Ahead
    C:\Documents and Settings\Christ\APPLIC~1\Leadertech
    C:\Documents and Settings\Christ\APPLIC~1\HP
    C:\Documents and Settings\Christ\APPLIC~1\Common Files
    C:\Documents and Settings\Christ\APPLIC~1\Google
    C:\Documents and Settings\Christ\APPLIC~1\Real
    C:\Documents and Settings\Christ\APPLIC~1\Apple Computer
    C:\Documents and Settings\Christ\APPLIC~1\Macromedia
    C:\Documents and Settings\Christ\APPLIC~1\NeroVision
    C:\Documents and Settings\Christ\APPLIC~1\CyberLink
    C:\Documents and Settings\Christ\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Christ\APPLIC~1\Help
    C:\Documents and Settings\Christ\APPLIC~1\Logitech
    C:\Documents and Settings\Christ\APPLIC~1\Lavasoft
    C:\Documents and Settings\Christ\APPLIC~1\Identities
    C:\Documents and Settings\Christ\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Hugo\APPLIC~1\Microsoft
    C:\Documents and Settings\Hugo\APPLIC~1\Lavasoft
    C:\Documents and Settings\Hugo\APPLIC~1\Styler
    C:\Documents and Settings\Hugo\APPLIC~1\Creative
    C:\Documents and Settings\Hugo\APPLIC~1\DivX
    C:\Documents and Settings\Hugo\APPLIC~1\Adobe
    C:\Documents and Settings\Hugo\APPLIC~1\Real
    C:\Documents and Settings\Hugo\APPLIC~1\Macromedia
    C:\Documents and Settings\Hugo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Hugo\APPLIC~1\Logitech
    C:\Documents and Settings\Hugo\APPLIC~1\Identities
    C:\Documents and Settings\Hugo\APPLIC~1\desktop.ini

    C:\Documents and Settings\LocalService\APPLIC~1\VMware
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Webroot

    C:\Documents and Settings\NetworkService\APPLIC~1\VMware
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec
    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    C:\Documents and Settings\Théo\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Théo\APPLIC~1\SparkleXP
    C:\Documents and Settings\Théo\APPLIC~1\Microsoft
    C:\Documents and Settings\Théo\APPLIC~1\VMware
    C:\Documents and Settings\Théo\APPLIC~1\Adobe
    C:\Documents and Settings\Théo\APPLIC~1\fltk.org
    C:\Documents and Settings\Théo\APPLIC~1\Styler
    C:\Documents and Settings\Théo\APPLIC~1\CyberLink
    C:\Documents and Settings\Théo\APPLIC~1\Logitech
    C:\Documents and Settings\Théo\APPLIC~1\Help
    C:\Documents and Settings\Théo\APPLIC~1\Creative
    C:\Documents and Settings\Théo\APPLIC~1\Sierra
    C:\Documents and Settings\Théo\APPLIC~1\DivX
    C:\Documents and Settings\Théo\APPLIC~1\MSN6
    C:\Documents and Settings\Théo\APPLIC~1\Ahead
    C:\Documents and Settings\Théo\APPLIC~1\Google
    C:\Documents and Settings\Théo\APPLIC~1\Emjysoft
    C:\Documents and Settings\Théo\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\Théo\APPLIC~1\AdobeUM
    C:\Documents and Settings\Théo\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\Théo\APPLIC~1\Webroot
    C:\Documents and Settings\Théo\APPLIC~1\Apple Computer
    C:\Documents and Settings\Théo\APPLIC~1\Symantec
    C:\Documents and Settings\Théo\APPLIC~1\Real
    C:\Documents and Settings\Théo\APPLIC~1\Macromedia
    C:\Documents and Settings\Théo\APPLIC~1\The Labyrinth Plus! Edition
    C:\Documents and Settings\Théo\APPLIC~1\Identities
    C:\Documents and Settings\Théo\APPLIC~1\desktop.ini

    C:\Documents and Settings\véro_2\APPLIC~1\Skype
    C:\Documents and Settings\véro_2\APPLIC~1\skypePM
    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug
    C:\Documents and Settings\véro_2\APPLIC~1\Microsoft
    C:\Documents and Settings\véro_2\APPLIC~1\Lavasoft
    C:\Documents and Settings\véro_2\APPLIC~1\Sun
    C:\Documents and Settings\véro_2\APPLIC~1\Ahead
    C:\Documents and Settings\véro_2\APPLIC~1\Styler
    C:\Documents and Settings\véro_2\APPLIC~1\Creative
    C:\Documents and Settings\véro_2\APPLIC~1\Adobe
    C:\Documents and Settings\véro_2\APPLIC~1\DivX
    C:\Documents and Settings\véro_2\APPLIC~1\MSN6
    C:\Documents and Settings\véro_2\APPLIC~1\Emjysoft
    C:\Documents and Settings\véro_2\APPLIC~1\IDS_COMPANY
    C:\Documents and Settings\véro_2\APPLIC~1\wklnhst.dat
    C:\Documents and Settings\véro_2\APPLIC~1\Help
    C:\Documents and Settings\véro_2\APPLIC~1\Apple Computer
    C:\Documents and Settings\véro_2\APPLIC~1\AdobeUM
    C:\Documents and Settings\véro_2\APPLIC~1\Macromedia
    C:\Documents and Settings\véro_2\APPLIC~1\Real
    C:\Documents and Settings\véro_2\APPLIC~1\Identities
    C:\Documents and Settings\véro_2\APPLIC~1\Logitech
    C:\Documents and Settings\véro_2\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [09/01/2008 18:07][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [24/04/2003 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\Ahead
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\ArcSoft
    C:\Program Files\Audacity
    C:\Program Files\Avira
    C:\Program Files\Axis Communications
    C:\Program Files\Borland
    C:\Program Files\BurnInTest
    C:\Program Files\CCleaner
    C:\Program Files\C-Media 3D Audio
    C:\Program Files\Common Files
    C:\Program Files\Creative
    C:\Program Files\CyberLink
    C:\Program Files\CyberLink DVD Solution
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DOSBox-0.65
    C:\Program Files\DOSBox-0.70
    C:\Program Files\DVD Decrypter
    C:\Program Files\DVD Shrink
    C:\Program Files\EPSON
    C:\Program Files\Fichiers communs
    C:\Program Files\GALLIMARD
    C:\Program Files\Hercules
    C:\Program Files\HighMAT CD Writing Wizard
    C:\Program Files\Hijackthis Version Française
    C:\Program Files\iColorFolder
    C:\Program Files\IncrediMail
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavalys
    C:\Program Files\LightSurf
    C:\Program Files\LiveUpdate
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Micro Application
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Money
    C:\Program Files\Microsoft Money 2005
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Plus!
    C:\Program Files\Microsoft Virtual PC Trial
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft Works Suite 2004
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\MultiMedia Toolbar
    C:\Program Files\MUSICMATCH
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\Norton SystemWorks
    C:\Program Files\OfficeUpdate11
    C:\Program Files\OO Software
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\Pinnacle
    C:\Program Files\Player Metaboli
    C:\Program Files\PROMT5
    C:\Program Files\QuickTime
    C:\Program Files\Real
    C:\Program Files\RegCleaner
    C:\Program Files\SAGEM
    C:\Program Files\Serif
    C:\Program Files\Services en ligne
    C:\Program Files\Shockwave.com
    C:\Program Files\Sierra On-Line
    C:\Program Files\SightSpeed
    C:\Program Files\SiSLan
    C:\Program Files\SkinMaker1.1
    C:\Program Files\Skype
    C:\Program Files\SmartSound Software
    C:\Program Files\StofWare
    C:\Program Files\Symantec
    C:\Program Files\SystemRequirementsLab
    C:\Program Files\TestLAB 2003 Express
    C:\Program Files\TGTSoft
    C:\Program Files\TryMedia
    C:\Program Files\Ubisoft
    C:\Program Files\UNWISE.EXE
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Wanadoo Photo
    C:\Program Files\WinASPI
    C:\Program Files\Windows Live Safety Center
    C:\Program Files\Windows Live Toolbar
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Wise Installation Wizard
    C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-09 20:31:20
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\xdjfjszc_navps.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 20:31:35,71 ]----------------------
    9 January 2008 20:53:20

    Hi again,

    Do you know how to zip a folder?

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
    O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\body axis.exe
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)


    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select all the locations in the box below:

    C:\Documents and Settings\All Users\APPLIC~1\Bags Plus Online Chin
    C:\Documents and Settings\All Users\APPLIC~1\WinAntiVirus Pro 2006
    C:\Documents and Settings\Christ\APPLIC~1\dog nurb debug
    C:\Documents and Settings\Théo\APPLIC~1\dog nurb debug
    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug
    C:\WINDOWS\system32\xdjfjszc_navps.dat

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand box, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
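The three HijackThis lines selected for fixing in the post above share patterns that can be checked mechanically. The following Python sketch is an added example, not part of the thread and not code from HijackThis or Lop S&D; its three rules are assumed triage heuristics, and the sample lines are copied from the logs on this page. A match means "review this entry", not "malicious".

```python
import re
from typing import List, NamedTuple

# Lines copied from the HijackThis log and the fix list on this page.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\body axis.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
"""


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    reason: str   # why the entry deserves a second look
    line: str     # the log line, whitespace-trimmed


# "<section> - <rest of entry>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")

# O4 target: the command after "[value name]" for Run keys, or the path
# after "x.lnk =" for Startup-folder shortcuts.
O4_TARGET_RE = re.compile(
    r"(?:Run[^:]*:\s*\[[^\]]*\]|\.lnk\s*=)\s*(?P<target>.+)$", re.I
)

# Long and 8.3 short spellings of the Application Data directory.
PROFILE_DATA_RE = re.compile(r"\\(?:application data|applic~1)\\", re.I)


def triage(log_text: str) -> List[Finding]:
    """Return the entries that match one of the assumed heuristics."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, running-process path or blank line
        section, body = match.group("section"), match.group("body")

        # Heuristic 1: a search hook CLSID is registered with no file behind it.
        if section == "R3" and "URLSearchHook" in body and body.endswith("(no file)"):
            findings.append(Finding(section, "search hook without a file", line))

        # Heuristic 2: an autorun starts a program from an Application Data
        # folder instead of Program Files or the Windows directory.
        elif section == "O4":
            target = O4_TARGET_RE.search(body)
            if target and PROFILE_DATA_RE.search(target.group("target")):
                findings.append(Finding(section, "autorun from Application Data", line))

        # Heuristic 3: a Winlogon Notify package points at a DLL that is gone.
        elif section == "O20" and body.endswith("(file missing)"):
            findings.append(Finding(section, "Winlogon Notify DLL missing", line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"[{finding.section}] {finding.reason}: {finding.line}")
```
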
    9 January 2008 21:15:29

    Yes, I know how to zip a folder with WinRAR.

    Here is the report:


    Folder cleanup failed. C:\Documents and Settings\All Users\APPLIC~1\Bags Plus Online Chin scheduled to be deleted on reboot.
    C:\Documents and Settings\All Users\APPLIC~1\WinAntiVirus Pro 2006 moved successfully.
    C:\Documents and Settings\Christ\APPLIC~1\dog nurb debug moved successfully.
    C:\Documents and Settings\Théo\APPLIC~1\dog nurb debug moved successfully.
    C:\Documents and Settings\véro_2\APPLIC~1\dog nurb debug moved successfully.
    C:\WINDOWS\system32\xdjfjszc_navps.dat moved successfully.

    Created on 01/09/2008 21:04:40
    9 January 2008 21:28:39

    Can you zip the following folder and upload it to sendspace?
    C:\_OTMoveIt\MovedFiles
    9 January 2008 21:30:59

    What do you mean by "upload it to sendspace"?
    9 January 2008 21:34:02

    Go to the Sendspace site and create a link for your .zip file.
    9 January 2008 21:57:43

    I have just done what you asked, no problem. What is the next step now? I have been on the net for almost 2 hours and not a single ad has appeared.
    9 January 2008 22:01:50

    The link to the zip on sendspace?
    9 January 2008 22:06:50

    Do you have any other problems?
    9 January 2008 22:20:03

    No, thank you for your precious help, but why was the OTMoveIt\MovedFiles file sent to sendspace, which is a US site?
    10 January 2008 16:30:14

    Hi again,

    This folder will help us develop LopS&D.