Strange lag problem. [Solved]

25 December 2007 13:59:13

Hello everyone!

I get a strange lag when I start my computer: everything loads correctly and I get no error message, but the mouse stops for 1 second every (roughly) 3 seconds. I have to restart for this lag to "disappear", but if I turn the computer off for long enough, the lag comes back and I have to restart once again. I looked in the Task Manager: nothing is loading, everything is at 0 (well, apart from the System Idle Process :D )

But this problem does not come from the mouse, it is a lag of the computer, because when it is loading, the little red LED that goes "crrrr" quite loudly stops at the same moment as the mouse.
There you go, thanks in advance for your help. :)

[EDIT 1]: I ran a Norton scan 2 days ago and got 3 different "Trojans"; I thought it came from that... Well, no :lol:

26 December 2007 19:10:43

Up :( 

26 December 2007 21:37:19

Hello,

Let's see whether it's an infection.

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

26 December 2007 22:36:37

HijackThis report:
Thanks :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:38:01, on 26/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Veoh\VeohClient.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26C4D1A7-EE91-07CD-B704-8DC00225AFCA} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\Program Files\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [grid store logo hope] C:\Documents and Settings\All Users\Application Data\first platform grid store\TitleSeek.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton virus-anti\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Veoh] "E:\Program Files\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2945911949-524513886-1827613569-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-2945911949-524513886-1827613569-1008\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-2945911949-524513886-1827613569-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-2945911949-524513886-1827613569-1008\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?')
O4 - HKUS\S-1-5-21-2945911949-524513886-1827613569-1008\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = ?
O4 - Startup: Pinnacle Systems - Studio Family.lnk = E:\Program Files\ERegister\Remind32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 - Global Startup: Docteur Club Internet.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - E:\Program Files\Norton virus-anti\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 13570 bytes

26 December 2007 22:43:51

Hi again,

Let's see whether it's lop.

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the desired language, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

26 December 2007 22:51:50

There you go :)



    -----------------------------[ Lop S&D 2.0.1 ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 26/12/2007 | 22:50:03,95 ] [ ACER-A38B4A0260 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\Mozilla
    C:\Documents and Settings\All Users\APPLIC~1\Grisoft
    C:\Documents and Settings\All Users\APPLIC~1\GamesBar
    C:\Documents and Settings\All Users\APPLIC~1\Installer.log
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\LUUnInstall.LiveUpdate
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\Tarma Installer
    C:\Documents and Settings\All Users\APPLIC~1\first platform grid store
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MotiveSysIDs
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\eConsole
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\TuneUp Software
    C:\Documents and Settings\All Users\APPLIC~1\ACD Systems
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini


    C:\Documents and Settings\Default User\APPLIC~1\Adobe
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Invité\APPLIC~1\Adobe
    C:\Documents and Settings\Invité\APPLIC~1\Symantec
    C:\Documents and Settings\Invité\APPLIC~1\Identities
    C:\Documents and Settings\Invité\APPLIC~1\desktop.ini
    C:\Documents and Settings\Invité\APPLIC~1\Microsoft

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\Marie-Odile\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Real
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Lavasoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\APPLIC~1\dvdcss
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Sun
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Help
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile\APPLIC~1\desktop.ini

    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\teamspeak2
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Talkback
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Mozilla
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\desktop.ini

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\super clément\APPLIC~1\Xfire
    C:\Documents and Settings\super clément\APPLIC~1\k23 productions
    C:\Documents and Settings\super clément\APPLIC~1\teamspeak2
    C:\Documents and Settings\super clément\APPLIC~1\Azureus
    C:\Documents and Settings\super clément\APPLIC~1\Skype
    C:\Documents and Settings\super clément\APPLIC~1\InstallShield
    C:\Documents and Settings\super clément\APPLIC~1\Talkback
    C:\Documents and Settings\super clément\APPLIC~1\Mozilla
    C:\Documents and Settings\super clément\APPLIC~1\Grisoft
    C:\Documents and Settings\super clément\APPLIC~1\ante nurb city
    C:\Documents and Settings\super clément\APPLIC~1\Google
    C:\Documents and Settings\super clément\APPLIC~1\Adobe
    C:\Documents and Settings\super clément\APPLIC~1\Lavasoft
    C:\Documents and Settings\super clément\APPLIC~1\ATI
    C:\Documents and Settings\super clément\APPLIC~1\dvdcss
    C:\Documents and Settings\super clément\APPLIC~1\Symantec
    C:\Documents and Settings\super clément\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\super clément\APPLIC~1\Microsoft
    C:\Documents and Settings\super clément\APPLIC~1\Macromedia
    C:\Documents and Settings\super clément\APPLIC~1\Sun
    C:\Documents and Settings\super clément\APPLIC~1\AdobeUM
    C:\Documents and Settings\super clément\APPLIC~1\Apple Computer
    C:\Documents and Settings\super clément\APPLIC~1\Help
    C:\Documents and Settings\super clément\APPLIC~1\vlc
    C:\Documents and Settings\super clément\APPLIC~1\FotoWire
    C:\Documents and Settings\super clément\APPLIC~1\XTND_BTUIObjects
    C:\Documents and Settings\super clément\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\super clément\APPLIC~1\CyberLink
    C:\Documents and Settings\super clément\APPLIC~1\Identities
    C:\Documents and Settings\super clément\APPLIC~1\Real
    C:\Documents and Settings\super clément\APPLIC~1\Media Player Classic
    C:\Documents and Settings\super clément\APPLIC~1\TuneUp Software
    C:\Documents and Settings\super clément\APPLIC~1\ACD Systems
    C:\Documents and Settings\super clément\APPLIC~1\desktop.ini

    C:\Documents and Settings\super clément.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\super clément.ACER-A38B4A0260\APPLIC~1\Adobe


    C:\Documents and Settings\élodie\APPLIC~1\Grisoft
    C:\Documents and Settings\élodie\APPLIC~1\Adobe
    C:\Documents and Settings\élodie\APPLIC~1\ATI
    C:\Documents and Settings\élodie\APPLIC~1\Lavasoft
    C:\Documents and Settings\élodie\APPLIC~1\Google
    C:\Documents and Settings\élodie\APPLIC~1\Microsoft
    C:\Documents and Settings\élodie\APPLIC~1\ante nurb city
    C:\Documents and Settings\élodie\APPLIC~1\SHIM MAGS ELSE
    C:\Documents and Settings\élodie\APPLIC~1\AdobeUM
    C:\Documents and Settings\élodie\APPLIC~1\Macromedia
    C:\Documents and Settings\élodie\APPLIC~1\Apple Computer
    C:\Documents and Settings\élodie\APPLIC~1\vlc
    C:\Documents and Settings\élodie\APPLIC~1\Real
    C:\Documents and Settings\élodie\APPLIC~1\TuneUp Software
    C:\Documents and Settings\élodie\APPLIC~1\ACD Systems
    C:\Documents and Settings\élodie\APPLIC~1\Identities
    C:\Documents and Settings\élodie\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [24/12/2007 20:00][--a------]C:\WINDOWS\tasks\Norton AntiVirus - Analyse système complète - Marie-Odile.job
    [26/12/2007 15:20][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 04:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\AC3Filter
    C:\Program Files\ACD Systems
    C:\Program Files\acer
    C:\Program Files\Adobe
    C:\Program Files\ahead
    C:\Program Files\ALIRAID
    C:\Program Files\Ankama Games
    C:\Program Files\ante nurb city
    C:\Program Files\ATI Technologies
    C:\Program Files\Azureus
    C:\Program Files\Batch File Compiler PE v4.0 DEMO
    C:\Program Files\BenQ Mobile
    C:\Program Files\BlazeVideo
    C:\Program Files\BroadJump
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Custom-Strike
    C:\Program Files\CyberLink
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DVD Audio Extractor
    C:\Program Files\DVD Decrypter
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eDonkey2000
    C:\Program Files\eMule
    C:\Program Files\Fichiers communs
    C:\Program Files\FileZilla
    C:\Program Files\Futuremark
    C:\Program Files\Google
    C:\Program Files\Grisoft
    C:\Program Files\GSpot
    C:\Program Files\Half-Life
    C:\Program Files\HD Tune
    C:\Program Files\Infogrames
    C:\Program Files\Internet Explorer
    C:\Program Files\Inventel
    C:\Program Files\iPod
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Lavalys
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\MatroskaProp
    C:\Program Files\Max Payne
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Metaboli Player
    C:\Program Files\Micro Application
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft SQL Server Compact Edition
    C:\Program Files\Morgan
    C:\Program Files\Motive
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MRT Codecs Pack
    C:\Program Files\MSBuild
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 6.0
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\NewTech Infosystems
    C:\Program Files\No-IP
    C:\Program Files\Nouveau dossier
    C:\Program Files\Nouvelle Cible
    C:\Program Files\On2 Technologies
    C:\Program Files\Online Services
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Panicware
    C:\Program Files\QuickTime
    C:\Program Files\RamBoost XP
    C:\Program Files\Razer
    C:\Program Files\Realtek
    C:\Program Files\Reference Assemblies
    C:\Program Files\RegCleaner
    C:\Program Files\RM-X Player V5.0
    C:\Program Files\Rollercoster Tyconn
    C:\Program Files\Securitoo
    C:\Program Files\Services en ligne
    C:\Program Files\Sierra On-Line
    C:\Program Files\Skype
    C:\Program Files\SLD Codec Pack
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Steam
    C:\Program Files\Symantec
    C:\Program Files\Terrain Generator
    C:\Program Files\Trend Micro
    C:\Program Files\TU2006TrialFR.exe
    C:\Program Files\TuneUp Utilities 2006
    C:\Program Files\VideoLAN
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\World Of Warcraft
    C:\Program Files\xerox
    C:\Program Files\XviD
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\ACD Systems
    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\ArcSoft
    C:\Program Files\Fichiers communs\ATI Technologies
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\muvee Technologies
    C:\Program Files\Fichiers communs\NewTech Infosystems
    C:\Program Files\Fichiers communs\Oberon Media
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\wavdest.ax
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-26 22:53:06
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\nkkmzdhd_navps.dat
    C:\WINDOWS\system32\nkkmzdhd_nav.dat
    C:\WINDOWS\system32\nkkmzdhd.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 22:53:23,73 ]----------------------
    27 December 2007 13:32:08

    Here you go ;) 


    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 13:30:36,68 ] [ ACER-A38B4A0260 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\Mozilla
    C:\Documents and Settings\All Users\APPLIC~1\Grisoft
    C:\Documents and Settings\All Users\APPLIC~1\GamesBar
    C:\Documents and Settings\All Users\APPLIC~1\Installer.log
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\LUUnInstall.LiveUpdate
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\Tarma Installer
    C:\Documents and Settings\All Users\APPLIC~1\first platform grid store
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MotiveSysIDs
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\eConsole
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\TuneUp Software
    C:\Documents and Settings\All Users\APPLIC~1\ACD Systems
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini


    C:\Documents and Settings\Default User\APPLIC~1\Adobe
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Invit‚\APPLIC~1\Adobe
    C:\Documents and Settings\Invit‚\APPLIC~1\Symantec
    C:\Documents and Settings\Invit‚\APPLIC~1\Identities
    C:\Documents and Settings\Invit‚\APPLIC~1\desktop.ini
    C:\Documents and Settings\Invit‚\APPLIC~1\Microsoft

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\Marie-Odile\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Real
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Lavasoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\APPLIC~1\dvdcss
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Sun
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Help
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile\APPLIC~1\desktop.ini

    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\teamspeak2
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Talkback
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Mozilla
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\desktop.ini

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\super cl‚ment\APPLIC~1\OtakuSoftware
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Xfire
    C:\Documents and Settings\super cl‚ment\APPLIC~1\k23 productions
    C:\Documents and Settings\super cl‚ment\APPLIC~1\teamspeak2
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Azureus
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Skype
    C:\Documents and Settings\super cl‚ment\APPLIC~1\InstallShield
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Talkback
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Mozilla
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Grisoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ante nurb city
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Google
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Adobe
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Lavasoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ATI
    C:\Documents and Settings\super cl‚ment\APPLIC~1\dvdcss
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Symantec
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Microsoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Macromedia
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Sun
    C:\Documents and Settings\super cl‚ment\APPLIC~1\AdobeUM
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Apple Computer
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Help
    C:\Documents and Settings\super cl‚ment\APPLIC~1\vlc
    C:\Documents and Settings\super cl‚ment\APPLIC~1\FotoWire
    C:\Documents and Settings\super cl‚ment\APPLIC~1\XTND_BTUIObjects
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\super cl‚ment\APPLIC~1\CyberLink
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Identities
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Real
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Media Player Classic
    C:\Documents and Settings\super cl‚ment\APPLIC~1\TuneUp Software
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ACD Systems
    C:\Documents and Settings\super cl‚ment\APPLIC~1\desktop.ini

    C:\Documents and Settings\super cl‚ment.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\super cl‚ment.ACER-A38B4A0260\APPLIC~1\Adobe


    C:\Documents and Settings\‚lodie\APPLIC~1\Grisoft
    C:\Documents and Settings\‚lodie\APPLIC~1\Adobe
    C:\Documents and Settings\‚lodie\APPLIC~1\ATI
    C:\Documents and Settings\‚lodie\APPLIC~1\Lavasoft
    C:\Documents and Settings\‚lodie\APPLIC~1\Google
    C:\Documents and Settings\‚lodie\APPLIC~1\Microsoft
    C:\Documents and Settings\‚lodie\APPLIC~1\ante nurb city
    C:\Documents and Settings\‚lodie\APPLIC~1\SHIM MAGS ELSE
    C:\Documents and Settings\‚lodie\APPLIC~1\AdobeUM
    C:\Documents and Settings\‚lodie\APPLIC~1\Macromedia
    C:\Documents and Settings\‚lodie\APPLIC~1\Apple Computer
    C:\Documents and Settings\‚lodie\APPLIC~1\vlc
    C:\Documents and Settings\‚lodie\APPLIC~1\Real
    C:\Documents and Settings\‚lodie\APPLIC~1\TuneUp Software
    C:\Documents and Settings\‚lodie\APPLIC~1\ACD Systems
    C:\Documents and Settings\‚lodie\APPLIC~1\Identities
    C:\Documents and Settings\‚lodie\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [24/12/2007 20:00][--a------]C:\WINDOWS\tasks\Norton AntiVirus - Analyse systŠme complŠte - Marie-Odile.job
    [27/12/2007 13:24][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 04:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\AC3Filter
    C:\Program Files\ACD Systems
    C:\Program Files\acer
    C:\Program Files\Adobe
    C:\Program Files\ahead
    C:\Program Files\ALIRAID
    C:\Program Files\Ankama Games
    C:\Program Files\ante nurb city
    C:\Program Files\ATI Technologies
    C:\Program Files\Azureus
    C:\Program Files\Batch File Compiler PE v4.0 DEMO
    C:\Program Files\BenQ Mobile
    C:\Program Files\BlazeVideo
    C:\Program Files\BroadJump
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Custom-Strike
    C:\Program Files\CyberLink
    C:\Program Files\DeskSpace
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DVD Audio Extractor
    C:\Program Files\DVD Decrypter
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eDonkey2000
    C:\Program Files\eMule
    C:\Program Files\Fichiers communs
    C:\Program Files\FileZilla
    C:\Program Files\Futuremark
    C:\Program Files\Google
    C:\Program Files\Grisoft
    C:\Program Files\GSpot
    C:\Program Files\Half-Life
    C:\Program Files\HD Tune
    C:\Program Files\Infogrames
    C:\Program Files\Internet Explorer
    C:\Program Files\Inventel
    C:\Program Files\iPod
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Lavalys
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\MatroskaProp
    C:\Program Files\Max Payne
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Metaboli Player
    C:\Program Files\Micro Application
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft SQL Server Compact Edition
    C:\Program Files\Morgan
    C:\Program Files\Motive
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MRT Codecs Pack
    C:\Program Files\MSBuild
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 6.0
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\NewTech Infosystems
    C:\Program Files\No-IP
    C:\Program Files\Nouveau dossier
    C:\Program Files\Nouvelle Cible
    C:\Program Files\On2 Technologies
    C:\Program Files\Online Services
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Panicware
    C:\Program Files\QuickTime
    C:\Program Files\RamBoost XP
    C:\Program Files\Razer
    C:\Program Files\Realtek
    C:\Program Files\Reference Assemblies
    C:\Program Files\RegCleaner
    C:\Program Files\RM-X Player V5.0
    C:\Program Files\Rollercoster Tyconn
    C:\Program Files\Securitoo
    C:\Program Files\Services en ligne
    C:\Program Files\Sierra On-Line
    C:\Program Files\Skype
    C:\Program Files\SLD Codec Pack
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Steam
    C:\Program Files\Symantec
    C:\Program Files\Terrain Generator
    C:\Program Files\Trend Micro
    C:\Program Files\TU2006TrialFR.exe
    C:\Program Files\TuneUp Utilities 2006
    C:\Program Files\VideoLAN
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\World Of Warcraft
    C:\Program Files\xerox
    C:\Program Files\XviD
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\ACD Systems
    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\ArcSoft
    C:\Program Files\Fichiers communs\ATI Technologies
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\muvee Technologies
    C:\Program Files\Fichiers communs\NewTech Infosystems
    C:\Program Files\Fichiers communs\Oberon Media
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\wavdest.ax
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Documents and Settings\All Users\APPLIC~1\first platform grid store\ClockInter.exe
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ante nurb city\miiwscpe.exe
    C:\Documents and Settings\All Users\APPLIC~1\FIRSTP~1
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ANTENU~1
    C:\Program Files\ANTENU~1
    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "grid store logo hope"="C:\\Documents and Settings\\All Users\\Application Data\\first platform grid store\\TitleSeek.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 localhost

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 13:32:32
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\nkkmzdhd_navps.dat
    C:\WINDOWS\system32\nkkmzdhd_nav.dat
    C:\WINDOWS\system32\nkkmzdhd.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 13:32:46,26 ]----------------------
    27 December 2007 13:58:37

    Hi again,

    Let's remove it :) 

    Download Navilog1.exe (IL-MAFIOSO)
    Save it to your Desktop.
    Start the installation by double-clicking navilog.exe.
    Once the installation is finished, the utility will run automatically.
    (If it doesn't, double-click the shortcut on the Desktop)

    Follow the utility's prompts. Choose option 1, then confirm.
    ! Do not use options 2, 3 and 4 without our approval !
    Wait until this message appears:
    "*** Analyse Termine le ..... ***"
    Press a key as prompted. Notepad will open. Post its contents like this:

    -> Edit / Select All
    -> Edit / Copy
    -> Right-click / Paste into your reply


    NOTE: The report can also be found here: C:\fixnavi.txt

    &

    Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    27 December 2007 15:39:21

    Navilog1 report:
    Thanks again, Angeldark, for looking after me

    Search Navipromo version 3.3.8 commencé le 27/12/2007 à 15:20:38,42

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***




    *** Recherche dossiers dans C:\WINDOWS ***



    *** Recherche dossiers dans C:\Program Files ***



    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




    *** Recherche dossiers dans "C:\Documents and Settings\super clément\application data" ***


    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    * Recherche dans "C:\Documents and Settings\super clément\local settings\application data" *



    *** Recherche fichiers ***


    C:\WINDOWS\system32\nvs2.inf trouvé !


    *** Recherche clés spécifiques dans le Registre ***


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans C:\WINDOWS\system32 :

    nkkmzdhd.dat trouvé !
    nkkmzdhd_nav.dat trouvé !

    * Dans "C:\Documents and Settings\super clément\local settings\application data" :


    3)Recherche Certificats :

    Certificat Egroup absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 27/12/2007 à 15:40:58,15 ***
    27 December 2007 15:42:38

    Then the Lopr report:


    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 15:42:22,81 ] [ ACER-A38B4A0260 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Documents and Settings\All Users\APPLIC~1\first platform grid store\ClockInter.exe
    Supprimé! - C:\Documents and Settings\super cl‚ment\APPLIC~1\ante nurb city\miiwscpe.exe
    Supprimé! - C:\Documents and Settings\All Users\APPLIC~1\FIRSTP~1
    Supprimé! - C:\Documents and Settings\super cl‚ment\APPLIC~1\ANTENU~1
    Supprimé! - C:\Program Files\ANTENU~1
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\Mozilla
    C:\Documents and Settings\All Users\APPLIC~1\Grisoft
    C:\Documents and Settings\All Users\APPLIC~1\GamesBar
    C:\Documents and Settings\All Users\APPLIC~1\Installer.log
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\LUUnInstall.LiveUpdate
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\Tarma Installer
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MotiveSysIDs
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\eConsole
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\TuneUp Software
    C:\Documents and Settings\All Users\APPLIC~1\ACD Systems
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini


    C:\Documents and Settings\Default User\APPLIC~1\Adobe
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Invit‚\APPLIC~1\Adobe
    C:\Documents and Settings\Invit‚\APPLIC~1\Symantec
    C:\Documents and Settings\Invit‚\APPLIC~1\Identities
    C:\Documents and Settings\Invit‚\APPLIC~1\desktop.ini
    C:\Documents and Settings\Invit‚\APPLIC~1\Microsoft

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\Marie-Odile\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Real
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Lavasoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\APPLIC~1\dvdcss
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Sun
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Help
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile\APPLIC~1\desktop.ini

    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\teamspeak2
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Talkback
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Mozilla
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\desktop.ini

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\super cl‚ment\APPLIC~1\OtakuSoftware
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Xfire
    C:\Documents and Settings\super cl‚ment\APPLIC~1\k23 productions
    C:\Documents and Settings\super cl‚ment\APPLIC~1\teamspeak2
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Azureus
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Skype
    C:\Documents and Settings\super cl‚ment\APPLIC~1\InstallShield
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Talkback
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Mozilla
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Grisoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Google
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Adobe
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Lavasoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ATI
    C:\Documents and Settings\super cl‚ment\APPLIC~1\dvdcss
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Symantec
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Microsoft
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Macromedia
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Sun
    C:\Documents and Settings\super cl‚ment\APPLIC~1\AdobeUM
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Apple Computer
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Help
    C:\Documents and Settings\super cl‚ment\APPLIC~1\vlc
    C:\Documents and Settings\super cl‚ment\APPLIC~1\FotoWire
    C:\Documents and Settings\super cl‚ment\APPLIC~1\XTND_BTUIObjects
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\super cl‚ment\APPLIC~1\CyberLink
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Identities
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Real
    C:\Documents and Settings\super cl‚ment\APPLIC~1\Media Player Classic
    C:\Documents and Settings\super cl‚ment\APPLIC~1\TuneUp Software
    C:\Documents and Settings\super cl‚ment\APPLIC~1\ACD Systems
    C:\Documents and Settings\super cl‚ment\APPLIC~1\desktop.ini

    C:\Documents and Settings\super cl‚ment.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\super cl‚ment.ACER-A38B4A0260\APPLIC~1\Adobe


    C:\Documents and Settings\‚lodie\APPLIC~1\Grisoft
    C:\Documents and Settings\‚lodie\APPLIC~1\Adobe
    C:\Documents and Settings\‚lodie\APPLIC~1\ATI
    C:\Documents and Settings\‚lodie\APPLIC~1\Lavasoft
    C:\Documents and Settings\‚lodie\APPLIC~1\Google
    C:\Documents and Settings\‚lodie\APPLIC~1\Microsoft
    C:\Documents and Settings\‚lodie\APPLIC~1\ante nurb city
    C:\Documents and Settings\‚lodie\APPLIC~1\SHIM MAGS ELSE
    C:\Documents and Settings\‚lodie\APPLIC~1\AdobeUM
    C:\Documents and Settings\‚lodie\APPLIC~1\Macromedia
    C:\Documents and Settings\‚lodie\APPLIC~1\Apple Computer
    C:\Documents and Settings\‚lodie\APPLIC~1\vlc
    C:\Documents and Settings\‚lodie\APPLIC~1\Real
    C:\Documents and Settings\‚lodie\APPLIC~1\TuneUp Software
    C:\Documents and Settings\‚lodie\APPLIC~1\ACD Systems
    C:\Documents and Settings\‚lodie\APPLIC~1\Identities
    C:\Documents and Settings\‚lodie\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [24/12/2007 20:00][--a------]C:\WINDOWS\tasks\Norton AntiVirus - Analyse systŠme complŠte - Marie-Odile.job
    [27/12/2007 13:24][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 04:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\AC3Filter
    C:\Program Files\ACD Systems
    C:\Program Files\acer
    C:\Program Files\Adobe
    C:\Program Files\ahead
    C:\Program Files\ALIRAID
    C:\Program Files\Ankama Games
    C:\Program Files\ATI Technologies
    C:\Program Files\Azureus
    C:\Program Files\Batch File Compiler PE v4.0 DEMO
    C:\Program Files\BenQ Mobile
    C:\Program Files\BlazeVideo
    C:\Program Files\BroadJump
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Custom-Strike
    C:\Program Files\CyberLink
    C:\Program Files\DeskSpace
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DVD Audio Extractor
    C:\Program Files\DVD Decrypter
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eDonkey2000
    C:\Program Files\eMule
    C:\Program Files\Fichiers communs
    C:\Program Files\FileZilla
    C:\Program Files\Futuremark
    C:\Program Files\Google
    C:\Program Files\Grisoft
    C:\Program Files\GSpot
    C:\Program Files\Half-Life
    C:\Program Files\HD Tune
    C:\Program Files\Infogrames
    C:\Program Files\Internet Explorer
    C:\Program Files\Inventel
    C:\Program Files\iPod
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Lavalys
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\MatroskaProp
    C:\Program Files\Max Payne
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Metaboli Player
    C:\Program Files\Micro Application
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft SQL Server Compact Edition
    C:\Program Files\Morgan
    C:\Program Files\Motive
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MRT Codecs Pack
    C:\Program Files\MSBuild
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 6.0
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\NewTech Infosystems
    C:\Program Files\No-IP
    C:\Program Files\Nouveau dossier
    C:\Program Files\Nouvelle Cible
    C:\Program Files\On2 Technologies
    C:\Program Files\Online Services
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Panicware
    C:\Program Files\QuickTime
    C:\Program Files\RamBoost XP
    C:\Program Files\Razer
    C:\Program Files\Realtek
    C:\Program Files\Reference Assemblies
    C:\Program Files\RegCleaner
    C:\Program Files\RM-X Player V5.0
    C:\Program Files\Rollercoster Tyconn
    C:\Program Files\Securitoo
    C:\Program Files\Services en ligne
    C:\Program Files\Sierra On-Line
    C:\Program Files\Skype
    C:\Program Files\SLD Codec Pack
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Steam
    C:\Program Files\Symantec
    C:\Program Files\Terrain Generator
    C:\Program Files\Trend Micro
    C:\Program Files\TU2006TrialFR.exe
    C:\Program Files\TuneUp Utilities 2006
    C:\Program Files\VideoLAN
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\World Of Warcraft
    C:\Program Files\xerox
    C:\Program Files\XviD
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\ACD Systems
    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\ArcSoft
    C:\Program Files\Fichiers communs\ATI Technologies
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\muvee Technologies
    C:\Program Files\Fichiers communs\NewTech Infosystems
    C:\Program Files\Fichiers communs\Oberon Media
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\wavdest.ax
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 15:43:57
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\nkkmzdhd_navps.dat
    C:\WINDOWS\system32\nkkmzdhd_nav.dat
    C:\WINDOWS\system32\nkkmzdhd.dat
    ! EGDACCESS !


    --------------------[ Fin du rapport a 15:44:08,00 ]----------------------
    27 December 2007 16:56:35

    Re,

    Double-click the Navilog1 shortcut on your Desktop.
    Follow the instructions. Then choose option 2 and confirm.
    Let the tool guide you and answer any questions it asks.

    The utility will inform you that it is going to restart the computer.
    **Close all open windows and save any open personal documents**
    Now press a key, as requested.
    (if your PC does not restart automatically, restart it manually)

    Wait until this message appears:
    "*** Nettoyage Termine le ..... ***"

    Notepad will open.
    Save the report somewhere you can find it again.
    Close Notepad. Your desktop will now reappear.

    NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
    Go to the "Processes" tab. Click File at the top left and choose "Run..."
    Type explorer and confirm.

    Post the report you saved earlier (C:\cleannavi.txt)
    As well as a new Hijackthis report.
    Along with a new Lop S&D scan, option 1.
    27 December 2007 17:35:50

    Navilog report; I'll post the others right after :)

    Clean Navipromo version 3.3.8 commencé le 27/12/2007 à 17:30:02,89

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11
    Système de fichiers : NTFS

    Mode suppression automatique



    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans C:\WINDOWS\System32 *


    * Suppression dans "C:\Documents and Settings\super clément\local settings\application data" *



    *** Suppression dossiers dans C:\WINDOWS ***


    *** Suppression dossiers dans C:\Program Files ***


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


    *** Suppression dossiers dans "C:\Documents and Settings\super clément\application data" ***


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***



    *** Suppression fichiers ***

    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\super cl‚ment\local settings\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans C:\WINDOWS\system32 *

    nkkmzdhd.dat trouvé !
    Copie nkkmzdhd.dat réalisée avec succès !
    nkkmzdhd.dat supprimé !

    nkkmzdhd_nav.dat trouvé !
    Copie nkkmzdhd_nav.dat réalisée avec succès !
    nkkmzdhd_nav.dat supprimé !

    nkkmzdhd_navps.dat trouvé !
    Copie nkkmzdhd_navps.dat réalisée avec succès !
    nkkmzdhd_navps.dat supprimé !


    * Dans "C:\Documents and Settings\super clément\local settings\application data" *


    *** Sauvegarde du Registre vers dossier Backupnavi ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup absent !

    *** Nettoyage terminé le 27/12/2007 à 17:34:25,59 ***

    27 December 2007 17:36:35

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:38:08, on 27/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\NOTEPAD.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\BtUsrBdg.exe
    C:\WINDOWS\system32\BTSetBootKey.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    E:\Program Files\Veoh\VeohClient.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Razer\Copperhead\razertra.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {26C4D1A7-EE91-07CD-B704-8DC00225AFCA} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\Program Files\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton virus-anti\osCheck.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
    O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Veoh] "E:\Program Files\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Club Internet.lnk = ?
    O4 - Startup: Pinnacle Systems - Studio Family.lnk = E:\Program Files\ERegister\Remind32.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
    O4 - Global Startup: Docteur Club Internet.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = ?
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - E:\Program Files\Norton virus-anti\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

    --
    End of file - 12771 bytes
    27 December 2007 17:40:03


    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 17:39:39,59 ] [ ACER-A38B4A0260 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\Mozilla
    C:\Documents and Settings\All Users\APPLIC~1\Grisoft
    C:\Documents and Settings\All Users\APPLIC~1\GamesBar
    C:\Documents and Settings\All Users\APPLIC~1\Installer.log
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\LUUnInstall.LiveUpdate
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Exetender
    C:\Documents and Settings\All Users\APPLIC~1\Tarma Installer
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\MotiveSysIDs
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\eConsole
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\TuneUp Software
    C:\Documents and Settings\All Users\APPLIC~1\ACD Systems
    C:\Documents and Settings\All Users\APPLIC~1\CyberLink
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini


    C:\Documents and Settings\Default User\APPLIC~1\Adobe
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft

    C:\Documents and Settings\Invit‚\APPLIC~1\Adobe
    C:\Documents and Settings\Invit‚\APPLIC~1\Symantec
    C:\Documents and Settings\Invit‚\APPLIC~1\Identities
    C:\Documents and Settings\Invit‚\APPLIC~1\desktop.ini
    C:\Documents and Settings\Invit‚\APPLIC~1\Microsoft

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\Marie-Odile\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Real
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Lavasoft
    C:\Documents and Settings\Marie-Odile\APPLIC~1\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\APPLIC~1\dvdcss
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Sun
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Help
    C:\Documents and Settings\Marie-Odile\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile\APPLIC~1\desktop.ini

    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\vlc
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\teamspeak2
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\AdobeUM
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Google
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ACD Systems
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Macromedia
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Apple Computer
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Talkback
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Mozilla
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Grisoft
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\ATI
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Adobe
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Symantec
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\Identities
    C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\APPLIC~1\desktop.ini

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
    C:\Documents and Settings\NetworkService\APPLIC~1\Symantec

    C:\Documents and Settings\super clément\APPLIC~1\OtakuSoftware
    C:\Documents and Settings\super clément\APPLIC~1\Xfire
    C:\Documents and Settings\super clément\APPLIC~1\k23 productions
    C:\Documents and Settings\super clément\APPLIC~1\teamspeak2
    C:\Documents and Settings\super clément\APPLIC~1\Azureus
    C:\Documents and Settings\super clément\APPLIC~1\Skype
    C:\Documents and Settings\super clément\APPLIC~1\InstallShield
    C:\Documents and Settings\super clément\APPLIC~1\Talkback
    C:\Documents and Settings\super clément\APPLIC~1\Mozilla
    C:\Documents and Settings\super clément\APPLIC~1\Grisoft
    C:\Documents and Settings\super clément\APPLIC~1\Google
    C:\Documents and Settings\super clément\APPLIC~1\Adobe
    C:\Documents and Settings\super clément\APPLIC~1\Lavasoft
    C:\Documents and Settings\super clément\APPLIC~1\ATI
    C:\Documents and Settings\super clément\APPLIC~1\dvdcss
    C:\Documents and Settings\super clément\APPLIC~1\Symantec
    C:\Documents and Settings\super clément\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\super clément\APPLIC~1\Microsoft
    C:\Documents and Settings\super clément\APPLIC~1\Macromedia
    C:\Documents and Settings\super clément\APPLIC~1\Sun
    C:\Documents and Settings\super clément\APPLIC~1\AdobeUM
    C:\Documents and Settings\super clément\APPLIC~1\Apple Computer
    C:\Documents and Settings\super clément\APPLIC~1\Help
    C:\Documents and Settings\super clément\APPLIC~1\vlc
    C:\Documents and Settings\super clément\APPLIC~1\FotoWire
    C:\Documents and Settings\super clément\APPLIC~1\XTND_BTUIObjects
    C:\Documents and Settings\super clément\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\super clément\APPLIC~1\CyberLink
    C:\Documents and Settings\super clément\APPLIC~1\Identities
    C:\Documents and Settings\super clément\APPLIC~1\Real
    C:\Documents and Settings\super clément\APPLIC~1\Media Player Classic
    C:\Documents and Settings\super clément\APPLIC~1\TuneUp Software
    C:\Documents and Settings\super clément\APPLIC~1\ACD Systems
    C:\Documents and Settings\super clément\APPLIC~1\desktop.ini

    C:\Documents and Settings\super clément.ACER-A38B4A0260\APPLIC~1\Microsoft
    C:\Documents and Settings\super clément.ACER-A38B4A0260\APPLIC~1\Adobe


    C:\Documents and Settings\élodie\APPLIC~1\Grisoft
    C:\Documents and Settings\élodie\APPLIC~1\Adobe
    C:\Documents and Settings\élodie\APPLIC~1\ATI
    C:\Documents and Settings\élodie\APPLIC~1\Lavasoft
    C:\Documents and Settings\élodie\APPLIC~1\Google
    C:\Documents and Settings\élodie\APPLIC~1\Microsoft
    C:\Documents and Settings\élodie\APPLIC~1\ante nurb city
    C:\Documents and Settings\élodie\APPLIC~1\SHIM MAGS ELSE
    C:\Documents and Settings\élodie\APPLIC~1\AdobeUM
    C:\Documents and Settings\élodie\APPLIC~1\Macromedia
    C:\Documents and Settings\élodie\APPLIC~1\Apple Computer
    C:\Documents and Settings\élodie\APPLIC~1\vlc
    C:\Documents and Settings\élodie\APPLIC~1\Real
    C:\Documents and Settings\élodie\APPLIC~1\TuneUp Software
    C:\Documents and Settings\élodie\APPLIC~1\ACD Systems
    C:\Documents and Settings\élodie\APPLIC~1\Identities
    C:\Documents and Settings\élodie\APPLIC~1\desktop.ini

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [24/12/2007 20:00][--a------]C:\WINDOWS\tasks\Norton AntiVirus - Analyse système complète - Marie-Odile.job
    [27/12/2007 17:33][--ah-----]C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 04:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\AC3Filter
    C:\Program Files\ACD Systems
    C:\Program Files\acer
    C:\Program Files\Adobe
    C:\Program Files\ahead
    C:\Program Files\ALIRAID
    C:\Program Files\Ankama Games
    C:\Program Files\ATI Technologies
    C:\Program Files\Azureus
    C:\Program Files\Batch File Compiler PE v4.0 DEMO
    C:\Program Files\BenQ Mobile
    C:\Program Files\BlazeVideo
    C:\Program Files\BroadJump
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Custom-Strike
    C:\Program Files\CyberLink
    C:\Program Files\DeskSpace
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\DivXCodec
    C:\Program Files\DVD Audio Extractor
    C:\Program Files\DVD Decrypter
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eDonkey2000
    C:\Program Files\eMule
    C:\Program Files\Fichiers communs
    C:\Program Files\FileZilla
    C:\Program Files\Futuremark
    C:\Program Files\Google
    C:\Program Files\Grisoft
    C:\Program Files\GSpot
    C:\Program Files\Half-Life
    C:\Program Files\HD Tune
    C:\Program Files\Infogrames
    C:\Program Files\Internet Explorer
    C:\Program Files\Inventel
    C:\Program Files\iPod
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Lavalys
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\MatroskaProp
    C:\Program Files\Max Payne
    C:\Program Files\Messenger
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\Metaboli Player
    C:\Program Files\Micro Application
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft SQL Server Compact Edition
    C:\Program Files\Morgan
    C:\Program Files\Motive
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MRT Codecs Pack
    C:\Program Files\MSBuild
    C:\Program Files\MSN
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 6.0
    C:\Program Files\Navilog1
    C:\Program Files\NetMeeting
    C:\Program Files\NewTech Infosystems
    C:\Program Files\No-IP
    C:\Program Files\Nouveau dossier
    C:\Program Files\Nouvelle Cible
    C:\Program Files\On2 Technologies
    C:\Program Files\Online Services
    C:\Program Files\orange
    C:\Program Files\Outlook Express
    C:\Program Files\Panicware
    C:\Program Files\QuickTime
    C:\Program Files\RamBoost XP
    C:\Program Files\Razer
    C:\Program Files\Realtek
    C:\Program Files\Reference Assemblies
    C:\Program Files\RegCleaner
    C:\Program Files\RM-X Player V5.0
    C:\Program Files\Rollercoster Tyconn
    C:\Program Files\Securitoo
    C:\Program Files\Services en ligne
    C:\Program Files\Sierra On-Line
    C:\Program Files\Skype
    C:\Program Files\SLD Codec Pack
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Steam
    C:\Program Files\Symantec
    C:\Program Files\Terrain Generator
    C:\Program Files\Trend Micro
    C:\Program Files\TU2006TrialFR.exe
    C:\Program Files\TuneUp Utilities 2006
    C:\Program Files\VideoLAN
    C:\Program Files\Wanadoo
    C:\Program Files\Wanadoo Messager
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\World Of Warcraft
    C:\Program Files\xerox
    C:\Program Files\XviD
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\ACD Systems
    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\ArcSoft
    C:\Program Files\Fichiers communs\ATI Technologies
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\muvee Technologies
    C:\Program Files\Fichiers communs\NewTech Infosystems
    C:\Program Files\Fichiers communs\Oberon Media
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\wavdest.ax
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 17:41:42
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 17:41:55,70 ]----------------------
    27 December 2007 18:13:31

    Re,

    Download BTFix (by Bibi26).
    Unzip the archive onto your Desktop.
  • Open the BTFix folder.
  • Double-click BTFix.exe.
  • Click Rechercher (Search).
  • A report will appear; copy and paste it into your next reply.
    27 December 2007 18:14:59

    BTFix 1.066 (par bibi26) - 27/12/2007 18:17:13 - Analyse
    Lancé depuis C:\Documents and Settings\super clément\Bureau\BTFix\BTFix.exe

    ---> Fichiers/Dossiers trouvés

    - C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
    - C:\Documents and Settings\All Users\Application Data\GamesBar
    - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar

    ---> Analyse terminée
    27 December 2007 18:18:29

    Re,

    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select all the locations in the box below:

    C:\Documents and Settings\élodie\APPLIC~1\ante nurb city
    C:\Documents and Settings\élodie\APPLIC~1\SHIM MAGS ELSE
    C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
    C:\Documents and Settings\All Users\Application Data\GamesBar
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand box, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
    27 December 2007 18:24:57

    C:\Documents and Settings\élodie\APPLIC~1\ante nurb city moved successfully.
    C:\Documents and Settings\élodie\APPLIC~1\SHIM MAGS ELSE moved successfully.
    C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf moved successfully.
    C:\Documents and Settings\All Users\Application Data\GamesBar\07-10-05-20-00-04 moved successfully.
    C:\Documents and Settings\All Users\Application Data\GamesBar moved successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar moved successfully.

    Created on 12/27/2007 18:26:46
    27 December 2007 18:25:44

    Post a new HijackThis report.
    27 December 2007 18:29:33

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:31:49, on 27/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\BtUsrBdg.exe
    C:\WINDOWS\system32\BTSetBootKey.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    E:\Program Files\Veoh\VeohClient.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Razer\Copperhead\razertra.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {26C4D1A7-EE91-07CD-B704-8DC00225AFCA} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\Program Files\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton virus-anti\osCheck.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
    O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Veoh] "E:\Program Files\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Club Internet.lnk = ?
    O4 - Startup: Pinnacle Systems - Studio Family.lnk = E:\Program Files\ERegister\Remind32.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
    O4 - Global Startup: Docteur Club Internet.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = ?
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - E:\Program Files\Norton virus-anti\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

    --
    End of file - 12714 bytes
    27 December 2007 18:31:33

    Is it better already?

    Disable your resident protections (antivirus...)!

  • Download Combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy and paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt
    27 December 2007 19:19:18

    Re,
    During the scan I had a power cut, so that interrupted the scan.
    I turned it back on, but Combofix did not ask me again to choose 1 or 2 and restarted the scan right away. But since that brief power cut I no longer have internet on the "infected" PC :s I'll sort out the problem and send you the report.
    Sorry
    27 December 2007 19:21:26

    OK, good luck.
    27 December 2007 19:35:21

    There, I managed it :)

    ComboFix 07-12-21.4 - super clément 2007-12-27 19:03:07.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.980 [GMT 1:00]
    Running from: C:\Documents and Settings\super clément\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Marie-Odile\Application Data\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\Application Data\MessengerSkinner\Userdata\Install_MessengerSkinner.zip
    C:\Documents and Settings\Marie-Odile\Application Data\MessengerSkinner\Userdata\languages_v2.xml
    C:\Documents and Settings\Marie-Odile\Application Data\MessengerSkinner\Userdata\pack1.cab
    C:\Documents and Settings\Marie-Odile\Menu Démarrer\Programmes\MessengerSkinner
    C:\Documents and Settings\Marie-Odile\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
    C:\Documents and Settings\Marie-Odile\Menu Démarrer\Programmes\MessengerSkinner\Website.lnk
    C:\WINDOWS\system32\stera.log

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-26 23:42 . 2007-12-27 16:49 <REP> d-------- C:\Program Files\DeskSpace
    2007-12-26 23:42 . 2007-12-26 23:42 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\OtakuSoftware
    2007-12-26 22:49 . 2007-12-27 17:41 <REP> d-------- C:\Program Files\Lop SD
    2007-12-26 22:37 . 2007-12-26 22:37 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-26 19:15 . 2007-12-26 19:20 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\Xfire
    2007-12-25 14:35 . 2007-12-25 14:35 21,136 --a--c--- C:\mario_colorform.jpg
    2007-12-25 14:33 . 2007-12-25 14:33 11,640 --a--c--- C:\16996_475104927_anarchi_H225833_L.jpg
    2007-12-25 14:27 . 2007-12-25 15:00 17,209 --a--c--- C:\Nebuleuse.jpg
    2007-12-23 11:47 . 2007-12-23 11:47 <REP> d----c--- C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\Application Data\vlc
    2007-12-22 14:02 . 2007-12-22 14:02 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
    2007-12-13 16:10 . 2007-12-18 12:48 <REP> d-------- C:\Program Files\Ankama Games
    2007-12-12 21:02 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-12-12 21:02 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-12-12 21:02 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-12-09 18:40 . 2007-12-09 18:40 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\k23 productions
    2007-11-30 23:57 . 2007-11-30 23:57 317,616 --a------ C:\WINDOWS\system32\drivers\srtspl.sys
    2007-11-30 23:57 . 2007-11-30 23:57 279,088 --a------ C:\WINDOWS\system32\drivers\srtsp.sys
    2007-11-30 23:57 . 2007-11-30 23:57 43,696 --a------ C:\WINDOWS\system32\drivers\srtspx.sys
    2007-11-30 23:57 . 2007-11-30 23:57 10,549 --a------ C:\WINDOWS\system32\drivers\srtspx.cat
    2007-11-30 23:57 . 2007-11-30 23:57 10,549 --a------ C:\WINDOWS\system32\drivers\srtspl.cat
    2007-11-30 23:57 . 2007-11-30 23:57 10,545 --a------ C:\WINDOWS\system32\drivers\srtsp.cat
    2007-11-30 23:57 . 2007-11-30 23:57 1,430 --a------ C:\WINDOWS\system32\drivers\srtspl.inf
    2007-11-30 23:57 . 2007-11-30 23:57 1,421 --a------ C:\WINDOWS\system32\drivers\srtspx.inf
    2007-11-30 23:57 . 2007-11-30 23:57 1,415 --a------ C:\WINDOWS\system32\drivers\srtsp.inf

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-27 16:34 --------- d-----w C:\Program Files\Navilog1
    2007-12-27 14:15 --------- d-----w C:\Program Files\Steam
    2007-12-26 13:10 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2007-12-26 13:10 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2007-12-26 13:10 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2007-12-26 13:10 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2007-12-26 13:10 --------- d-----w C:\Program Files\Symantec
    2007-12-25 09:14 --------- d-----w C:\Program Files\eMule
    2007-12-22 13:06 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-12-11 12:04 --------- dc----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-11-25 18:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-14 12:19 --------- d-----w C:\Program Files\Windows Live
    2007-11-14 12:19 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2007-11-14 11:59 --------- d-----w C:\Program Files\MSN Messenger
    2007-11-14 11:52 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2007-11-14 11:50 --------- dc----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2007-11-14 11:49 2,402,832 -c--a-w C:\WLinstaller.exe
    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-11-11 17:54 --------- dc--a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2007-11-04 16:50 --------- d-----w C:\Program Files\FileZilla
    2007-11-03 21:33 --------- dc----w C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\Application Data\teamspeak2
    2007-11-02 18:22 --------- dc----w C:\Documents and Settings\super clément\Application Data\teamspeak2
    2007-11-02 16:40 --------- d-----w C:\Program Files\Wanadoo
    2007-11-02 16:14 --------- d-----w C:\Program Files\Securitoo
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
    2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
    2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
    2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
    2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
    2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
    2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
    2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
    2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
    2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
    2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
    2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-10-10 23:49 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-10-10 23:49 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-10-10 23:49 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-10-10 23:49 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-10-10 23:49 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-10-10 23:49 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
    2007-10-10 23:49 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
    2007-10-10 23:49 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
    2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-10-10 11:00 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-10-10 11:00 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    2006-02-19 16:18 9,109,072 -c--a-w C:\Program Files\TU2006TrialFR.exe
    2004-02-12 21:16 1,665,325 -c--a-w C:\Documents and Settings\audiograbber\agsetup.exe
    2004-02-09 04:48 899,072 -c--a-w C:\Documents and Settings\audiograbber\audiograbber.exe
    2003-08-22 08:09 45,056 -c--a-w C:\WINDOWS\inf\slntinst_staticW2k.exe
    2002-07-31 13:22 40,960 -c--a-w C:\Program Files\Fichiers communs\wavdest.ax
    2002-07-19 11:06 119,296 -c--a-w C:\Documents and Settings\audiograbber\libVorbis.dll
    2002-01-03 21:50 155,648 -c--a-w C:\Documents and Settings\audiograbber\WMA8Connect.dll
    2001-11-02 08:57 45,056 -c--a-w C:\WINDOWS\inf\Slntinst.exe
    2000-01-16 00:01 36,352 -c--a-w C:\Documents and Settings\audiograbber\ag12full.dll
    1999-03-17 00:41 59,824 -c--a-w C:\Documents and Settings\audiograbber\uninstall.exe
    2005-10-26 07:05 56 --sh--r C:\WINDOWS\system32\AE11946E1F.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26C4D1A7-EE91-07CD-B704-8DC00225AFCA}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
    C:\Program Files\GamesBar\oberontb.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F}
    {6F282B65-56BF-4BD1-A8B2-A4449A05863D}
    {D0943516-5076-4020-A3B5-AEFAF26AB263}

    [HKEY_CLASSES_ROOT\clsid\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]
    [HKEY_CLASSES_ROOT\Oberontb.Band.1]
    [HKEY_CLASSES_ROOT\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}]
    [HKEY_CLASSES_ROOT\Oberontb.Band]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 04:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 13:43]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 13:44]
    "Veoh"="E:\Program Files\Veoh\VeohClient.exe" [2007-12-03 13:21]
    "DeskSpace"="C:\Program Files\DeskSpace\deskspace.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
    "osCheck"="E:\Program Files\Norton virus-anti\osCheck.exe" [2007-01-14 01:11]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "RTHDCPL"="RTHDCPL.EXE" [2005-06-14 07:48 C:\WINDOWS\RTHDCPL.EXE]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 00:07]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 04:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 04:00]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 17:15]
    "NAV CfgWiz"="C:\Program Files\Norton AntiVirus\CfgWiz.exe" []
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 04:00]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-06-21 14:28]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-05-27 08:18]
    "LaunchApp"="Alaunch" []
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 04:00]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 16:07 C:\WINDOWS\system32\HdAShCut.exe]
    "eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 08:03]
    "BTUSRBDG"="BtUsrBdg.exe" [2003-04-18 17:15 C:\WINDOWS\system32\BtUsrBdg.exe]
    "BTSETBOOTKEY"="BTSetBootKey.exe" [2003-04-15 08:48 C:\WINDOWS\system32\BTSetBootKey.exe]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-21 14:39]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 C:\WINDOWS\AGRSMMSG.exe]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
    "Copperhead"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-10-08 15:27]
    "razer"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-10-08 15:27]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 04:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Startup.exe]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Startup.exe
    backup=C:\WINDOWS\pss\Startup.exeCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    2005-06-08 14:24 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    2005-06-08 14:14 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaDicoAnglais]
    C:\Program Files\Micro Application\MediaDICO Anglais\MediaDICOAnglais.exe Lancement

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
    2006-05-02 21:14 190024 --a------ C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\messengerskinner]
    C:\Documents and Settings\Marie-Odile\Mes documents\MessengerSkinner\MessengerSkinner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
    rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    E:\Valve\Steam\Steam.exe -silent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    E:\Program Files\Veoh\VeohClient.exe /VeohHide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    2004-08-23 13:49 20480 -----c--- C:\PROGRA~1\Wanadoo\Watch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "SPBBCSvc"=2 (0x2)
    "SNDSrvc"=3 (0x3)
    "SAVScan"=3 (0x3)
    "NSCService"=3 (0x3)
    "NPFMntor"=2 (0x2)
    "TUWinStylerThemeSvc"=2 (0x2)
    "Planificateur LiveUpdate automatique"=2 (0x2)
    "LiveUpdate Notice Ex"=2 (0x2)
    "gusvc"=3 (0x3)
    "FTRTSVC"=2 (0x2)
    "iPodService"=3 (0x3)
    "usnjsvc"=3 (0x3)
    "LiveUpdate Notice Service"=2 (0x2)
    "LiveUpdate"=3 (0x3)
    "IDriverT"=3 (0x3)
    "ATI Smart"=2 (0x2)
    "Ati HotKey Poller"=2 (0x2)
    "Acer Media Server"=2 (0x2)
    "WMPNetworkSvc"=3 (0x3)
    "idsvc"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
    "Web Each"=C:\DOCUME~1\SUPERC~1\APPLIC~1\ANTENU~1\Timefrag.exe
    "Steam"=C:\Program Files\Valve\Steam\\Steam.exe -silent
    "BlazeServoTool"="C:\Program Files\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe"
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe
    "AGRSMMSG"=AGRSMMSG.exe
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    "iTunesHelper"="E:\Program Files\itunes\iTunesHelper.exe"
    "grid store logo hope"=C:\Documents and Settings\All Users\Application Data\first platform grid store\HeckPeak.exe
    "eDonkey2000"=C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    "BJCFD"=C:\Program Files\BroadJump\Client Foundation\CFD.exe
    "WooCnxMon"=C:\PROGRA~1\Wanadoo\CnxMon.exe
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 06:00]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 16:14]
    R2 int15.sys;int15.sys;C:\Program Files\Acer\eRecovery\int15.sys [2005-01-13 13:46]
    R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 10:56]
    R2 X4HSX32;X4HSX32;C:\Program Files\Metaboli Player\X4HSX32.Sys [2006-12-13 07:34]
    R3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2003-04-14 08:35]
    R3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 09:31]
    R3 Razerlow;Razer Copperhead Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-08-12 09:11]
    R3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [2003-11-05 09:53]
    S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys []
    S3 BQE61CDC;BenQ-Siemens E61 Driver;C:\WINDOWS\system32\DRIVERS\bqe61cdc.sys [2006-01-20 10:21]
    S3 gsplittm;gsplittm;C:\DOCUME~1\SUPERC~1\LOCALS~1\Temp\gsplittm.sys []
    S3 StMp3Rec;%SvcDesc%;C:\WINDOWS\system32\Drivers\StMp3Rec.sys [2004-06-22 04:31]
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 04:00]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10ba4af9-456b-11da-aeef-806d6172696f}]
    \Shell\AutoRun\command - G:\Lance.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-24 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyse système complète - Marie-Odile.job"
    - E:\Program Files\Norton virus-anti\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 19:07:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-27 19:08:26
    .
    2007-12-12 11:17:24 --- E O F ---
    27 December 2007 19:45:37

    I'm posting again to tell you that after restarting the computer to fix the problem with the internet, the lag (a 1-second freeze every 3 seconds) has come back yet again :( 
    27 December 2007 19:55:51

    Hi again,

    Now we'll do the removal.

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\mario_colorform.jpg
    C:\16996_475104927_anarchi_H225833_L.jpg

    Folder::
    C:\Documents and Settings\All Users\Application Data\first platform grid store
    C:\DOCUME~1\SUPERC~1\APPLIC~1\ANTENU~1

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26C4D1A7-EE91-07CD-B704-8DC00225AFCA}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
    [-HKEY_CLASSES_ROOT\clsid\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]
    [-HKEY_CLASSES_ROOT\Oberontb.Band.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}]
    [-HKEY_CLASSES_ROOT\Oberontb.Band]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Web Each"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "grid store logo hope"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no restart, post the requested reports anyway.
    27 December 2007 20:18:09

    That's just what I thought: it's Combofix that cuts me off from the internet :D 
    I had to restart the computer again for the internet, but I saved the report before restarting ;) 

    Combofix report:

    ComboFix 07-12-21.4 - super clément 2007-12-27 20:05:12.4 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1041 [GMT 1:00]
    Running from: C:\Documents and Settings\super clément\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\super clément\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    C:\16996_475104927_anarchi_H225833_L.jpg
    C:\mario_colorform.jpg
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\16996_475104927_anarchi_H225833_L.jpg
    C:\mario_colorform.jpg

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-26 23:42 . 2007-12-27 16:49 <REP> d-------- C:\Program Files\DeskSpace
    2007-12-26 23:42 . 2007-12-26 23:42 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\OtakuSoftware
    2007-12-26 22:49 . 2007-12-27 17:41 <REP> d-------- C:\Program Files\Lop SD
    2007-12-26 22:37 . 2007-12-26 22:37 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-26 19:15 . 2007-12-26 19:20 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\Xfire
    2007-12-25 14:27 . 2007-12-25 15:00 17,209 --a--c--- C:\Nebuleuse.jpg
    2007-12-23 11:47 . 2007-12-23 11:47 <REP> d----c--- C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\Application Data\vlc
    2007-12-22 14:02 . 2007-12-22 14:02 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
    2007-12-13 16:10 . 2007-12-18 12:48 <REP> d-------- C:\Program Files\Ankama Games
    2007-12-12 21:02 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-12-12 21:02 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-12-12 21:02 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-12-09 18:40 . 2007-12-09 18:40 <REP> d----c--- C:\Documents and Settings\super clément\Application Data\k23 productions
    2007-11-30 23:57 . 2007-11-30 23:57 317,616 --a------ C:\WINDOWS\system32\drivers\srtspl.sys
    2007-11-30 23:57 . 2007-11-30 23:57 279,088 --a------ C:\WINDOWS\system32\drivers\srtsp.sys
    2007-11-30 23:57 . 2007-11-30 23:57 43,696 --a------ C:\WINDOWS\system32\drivers\srtspx.sys
    2007-11-30 23:57 . 2007-11-30 23:57 10,549 --a------ C:\WINDOWS\system32\drivers\srtspx.cat
    2007-11-30 23:57 . 2007-11-30 23:57 10,549 --a------ C:\WINDOWS\system32\drivers\srtspl.cat
    2007-11-30 23:57 . 2007-11-30 23:57 10,545 --a------ C:\WINDOWS\system32\drivers\srtsp.cat
    2007-11-30 23:57 . 2007-11-30 23:57 1,430 --a------ C:\WINDOWS\system32\drivers\srtspl.inf
    2007-11-30 23:57 . 2007-11-30 23:57 1,421 --a------ C:\WINDOWS\system32\drivers\srtspx.inf
    2007-11-30 23:57 . 2007-11-30 23:57 1,415 --a------ C:\WINDOWS\system32\drivers\srtsp.inf

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-27 19:02 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-12-27 18:13 --------- d-----w C:\Program Files\Wanadoo
    2007-12-27 16:34 --------- d-----w C:\Program Files\Navilog1
    2007-12-27 14:15 --------- d-----w C:\Program Files\Steam
    2007-12-26 13:10 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2007-12-26 13:10 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2007-12-26 13:10 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2007-12-26 13:10 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2007-12-26 13:10 --------- d-----w C:\Program Files\Symantec
    2007-12-25 09:14 --------- d-----w C:\Program Files\eMule
    2007-12-11 12:04 --------- dc----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-11-25 18:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-14 12:19 --------- d-----w C:\Program Files\Windows Live
    2007-11-14 12:19 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2007-11-14 11:59 --------- d-----w C:\Program Files\MSN Messenger
    2007-11-14 11:52 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2007-11-14 11:50 --------- dc----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2007-11-14 11:49 2,402,832 -c--a-w C:\WLinstaller.exe
    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-11-11 17:54 --------- dc--a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2007-11-04 16:50 --------- d-----w C:\Program Files\FileZilla
    2007-11-03 21:33 --------- dc----w C:\Documents and Settings\Marie-Odile.ACER-A38B4A0260\Application Data\teamspeak2
    2007-11-02 18:22 --------- dc----w C:\Documents and Settings\super clément\Application Data\teamspeak2
    2007-11-02 16:14 --------- d-----w C:\Program Files\Securitoo
    2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
    2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
    2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
    2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
    2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
    2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
    2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
    2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
    2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
    2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
    2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
    2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-10-10 23:49 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-10-10 23:49 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-10-10 23:49 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-10-10 23:49 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-10-10 23:49 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-10-10 23:49 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
    2007-10-10 23:49 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
    2007-10-10 23:49 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
    2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-10-10 11:00 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-10-10 11:00 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    2006-02-19 16:18 9,109,072 -c--a-w C:\Program Files\TU2006TrialFR.exe
    2004-02-12 21:16 1,665,325 -c--a-w C:\Documents and Settings\audiograbber\agsetup.exe
    2004-02-09 04:48 899,072 -c--a-w C:\Documents and Settings\audiograbber\audiograbber.exe
    2003-08-22 08:09 45,056 -c--a-w C:\WINDOWS\inf\slntinst_staticW2k.exe
    2002-07-31 13:22 40,960 -c--a-w C:\Program Files\Fichiers communs\wavdest.ax
    2002-07-19 11:06 119,296 -c--a-w C:\Documents and Settings\audiograbber\libVorbis.dll
    2002-01-03 21:50 155,648 -c--a-w C:\Documents and Settings\audiograbber\WMA8Connect.dll
    2001-11-02 08:57 45,056 -c--a-w C:\WINDOWS\inf\Slntinst.exe
    2000-01-16 00:01 36,352 -c--a-w C:\Documents and Settings\audiograbber\ag12full.dll
    1999-03-17 00:41 59,824 -c--a-w C:\Documents and Settings\audiograbber\uninstall.exe
    2005-10-26 07:05 56 --sh--r C:\WINDOWS\system32\AE11946E1F.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 04:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 13:43]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 13:44]
    "Veoh"="E:\Program Files\Veoh\VeohClient.exe" [2007-12-03 13:21]
    "DeskSpace"="C:\Program Files\DeskSpace\deskspace.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
    "osCheck"="E:\Program Files\Norton virus-anti\osCheck.exe" [2007-01-14 01:11]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "RTHDCPL"="RTHDCPL.EXE" [2005-06-14 07:48 C:\WINDOWS\RTHDCPL.EXE]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 00:07]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 04:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 04:00]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 17:15]
    "NAV CfgWiz"="C:\Program Files\Norton AntiVirus\CfgWiz.exe" []
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 04:00]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-06-21 14:28]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-05-27 08:18]
    "LaunchApp"="Alaunch" []
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 04:00]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 16:07 C:\WINDOWS\system32\HdAShCut.exe]
    "eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 08:03]
    "BTUSRBDG"="BtUsrBdg.exe" [2003-04-18 17:15 C:\WINDOWS\system32\BtUsrBdg.exe]
    "BTSETBOOTKEY"="BTSetBootKey.exe" [2003-04-15 08:48 C:\WINDOWS\system32\BTSetBootKey.exe]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-21 14:39]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 C:\WINDOWS\AGRSMMSG.exe]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
    "Copperhead"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-10-08 15:27]
    "razer"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-10-08 15:27]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 04:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Startup.exe]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Startup.exe
    backup=C:\WINDOWS\pss\Startup.exeCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    2005-06-08 14:24 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    2005-06-08 14:14 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaDicoAnglais]
    C:\Program Files\Micro Application\MediaDICO Anglais\MediaDICOAnglais.exe Lancement

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
    2006-05-02 21:14 190024 --a------ C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\messengerskinner]
    C:\Documents and Settings\Marie-Odile\Mes documents\MessengerSkinner\MessengerSkinner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    E:\Valve\Steam\Steam.exe -silent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    E:\Program Files\Veoh\VeohClient.exe /VeohHide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    2004-08-23 13:49 20480 -----c--- C:\PROGRA~1\Wanadoo\Watch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "SPBBCSvc"=2 (0x2)
    "SNDSrvc"=3 (0x3)
    "SAVScan"=3 (0x3)
    "NSCService"=3 (0x3)
    "NPFMntor"=2 (0x2)
    "TUWinStylerThemeSvc"=2 (0x2)
    "Planificateur LiveUpdate automatique"=2 (0x2)
    "LiveUpdate Notice Ex"=2 (0x2)
    "gusvc"=3 (0x3)
    "FTRTSVC"=2 (0x2)
    "iPodService"=3 (0x3)
    "usnjsvc"=3 (0x3)
    "LiveUpdate Notice Service"=2 (0x2)
    "LiveUpdate"=3 (0x3)
    "IDriverT"=3 (0x3)
    "ATI Smart"=2 (0x2)
    "Ati HotKey Poller"=2 (0x2)
    "Acer Media Server"=2 (0x2)
    "WMPNetworkSvc"=3 (0x3)
    "idsvc"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
    "Steam"=C:\Program Files\Valve\Steam\\Steam.exe -silent
    "BlazeServoTool"="C:\Program Files\BlazeVideo\BlazeDVD 4 Standard\MediaDetector.exe"
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe
    "AGRSMMSG"=AGRSMMSG.exe
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    "iTunesHelper"="E:\Program Files\itunes\iTunesHelper.exe"
    "eDonkey2000"=C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    "BJCFD"=C:\Program Files\BroadJump\Client Foundation\CFD.exe
    "WooCnxMon"=C:\PROGRA~1\Wanadoo\CnxMon.exe
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

    R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 06:00]
    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 16:14]
    R2 int15.sys;int15.sys;C:\Program Files\Acer\eRecovery\int15.sys [2005-01-13 13:46]
    R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 10:56]
    R2 X4HSX32;X4HSX32;C:\Program Files\Metaboli Player\X4HSX32.Sys [2006-12-13 07:34]
    R3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2003-04-14 08:35]
    R3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 09:31]
    R3 Razerlow;Razer Copperhead Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-08-12 09:11]
    R3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [2003-11-05 09:53]
    S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys []
    S3 BQE61CDC;BenQ-Siemens E61 Driver;C:\WINDOWS\system32\DRIVERS\bqe61cdc.sys [2006-01-20 10:21]
    S3 gsplittm;gsplittm;C:\DOCUME~1\SUPERC~1\LOCALS~1\Temp\gsplittm.sys []
    S3 StMp3Rec;%SvcDesc%;C:\WINDOWS\system32\Drivers\StMp3Rec.sys [2004-06-22 04:31]
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 04:00]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10ba4af9-456b-11da-aeef-806d6172696f}]
    \Shell\AutoRun\command - G:\Lance.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-24 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyse système complète - Marie-Odile.job"
    - E:\Program Files\Norton virus-anti\Navw32.exeh/TASK:
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 20:08:05
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-27 20:09:01
    C:\ComboFix2.txt ... 2007-12-27 19:30
    C:\ComboFix3.txt ... 2007-12-27 19:08
    .
    2007-12-12 11:17:24 --- E O F ---
    27 December 2007 20:19:52

    HijackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:21:55, on 27/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\BtUsrBdg.exe
    C:\WINDOWS\system32\BTSetBootKey.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Razer\Copperhead\razerhid.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    E:\Program Files\Veoh\VeohClient.exe
    C:\Program Files\Razer\Copperhead\razertra.exe
    C:\Program Files\Razer\Copperhead\razerofa.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\Program Files\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton virus-anti\osCheck.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
    O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Veoh] "E:\Program Files\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Club Internet.lnk = ?
    O4 - Startup: Pinnacle Systems - Studio Family.lnk = E:\Program Files\ERegister\Remind32.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
    O4 - Global Startup: Docteur Club Internet.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = ?
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1C9DD1A9-6983-45D0-8B8A-8286C0C3C5AA}: NameServer = 192.168.1.1
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - E:\Program Files\Norton virus-anti\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

    --
    End of file - 12355 bytes
    27 December 2007 20:47:36

    Strange about ComboFix.
    Same problem?
    27 December 2007 22:27:51

    Otherwise, for now there is no longer any problem with the lag.
    A big thank you for taking care of me :) 
    Thanks a lot :) 
    28 December 2007 11:49:27

    Ok ;) 

  • Download ToolsCleaner to your Desktop.
  • Click on Recherche (Search) and let the scan finish.
  • Click on Suppression (Removal) to finalize.
  • Click on Quitter (Quit) so that the report can be created.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\)

    Disable and then re-enable System Restore: see help

    Now add [Résolu] to the title. To do so:
    * In your first message, click on the "Editer" (Edit) button
    * Add the [Résolu] tag to the title
    * Then click on "Valider votre message" (Submit your message)

    Read the guide on prevention and protection so that you no longer run into this kind of problem, by clicking on the image below:

    28 December 2007 12:59:36

    Hello :) 

    TCleaner report:
    -->- Recherche:


    ---------------------------------
    -->- Suppression:



    I'm going to disable and re-enable System Restore right away.
    I'll mark it as solved right after.
    I just started my computer: no lag, nothing, it booted like a charm. A big thank you to Angeldark for this new success!! ;) 
    28 December 2007 13:36:28

    Thanks :jap: 