LACHIEUZE

voici le rapport otmoveit, jusqu'a la tout es fait ;-D, je passe a la suite Explorer killed successfully File/Folder EmtyTemp not found. C:\WINDOWS\tasks\SA.DAT moved successfully. C:\Program Files\AskTBar\SrchAstt\1.bin moved successfully. C:\Program Files\AskTBar\SrchAstt moved successfully. C:\Program Files\AskTBar\PopSwatr\History moved successfully. C:\Program Files\AskTBar\PopSwatr moved successfully. C:\Program Files\AskTBar\bar\Settings moved successfully. C:\Program Files\AskTBar\bar\History moved successfully. C:\Program Files\AskTBar\bar\Cache moved successfully. C:\Program Files\AskTBar\bar\1.bin moved successfully. C:\Program Files\AskTBar\bar moved successfully. C:\Program Files\AskTBar moved successfully. C:\Program Files\Crawler\TBR5LanguageAct moved successfully. C:\Program Files\Crawler\Languages moved successfully. C:\Program Files\Crawler\Cache\COMMON moved successfully. C:\Program Files\Crawler\Cache moved successfully. C:\Program Files\Crawler moved successfully. C:\Program Files\Share_Accelerator_MM moved successfully. C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\EoWeather\images_station_meteo moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\EoWeather\images_classic moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\EoWeather\images moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\EoWeather moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\eoStats moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\eoDesktop moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo\db moved successfully. C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo moved successfully. File/Folder C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\11 sans armures.wma not found. C:\Documents and Settings\HP_Administrateur\Bureau\sonykeygen14.exe moved successfully. File/Folder C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\13 ---.wma not found. C:\Program Files\Zapu\Zapu moved successfully. C:\Program Files\Zapu moved successfully. C:\Documents and Settings\HP_Administrateur\Bureau\Nero 8.x Ultra Edition KeyGen.exe moved successfully. C:\Program Files\Macrogaming\SweetIM\update moved successfully. C:\Program Files\Macrogaming\SweetIM\resources\images moved successfully. C:\Program Files\Macrogaming\SweetIM\resources moved successfully. C:\Program Files\Macrogaming\SweetIM\logs moved successfully. C:\Program Files\Macrogaming\SweetIM\data\contentdb moved successfully. C:\Program Files\Macrogaming\SweetIM\data moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\stevensetamelie@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\miss_lilie_62@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\missameldu62@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\freefightered@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\dedel3577@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\caillasseurdeskin72689@orange.com moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users\atykadu35@hotmail.fr moved successfully. C:\Program Files\Macrogaming\SweetIM\conf\users moved successfully. C:\Program Files\Macrogaming\SweetIM\conf moved successfully. C:\Program Files\Macrogaming\SweetIM moved successfully. C:\Program Files\Macrogaming moved successfully. C:\Program Files\Online_TV moved successfully. File/Folder C:\Program Files\ONLINE HOPE not found. C:\Program Files\FrenchOtto\Sounds moved successfully. C:\Program Files\FrenchOtto\MEDIA\SOUNDS moved successfully. C:\Program Files\FrenchOtto\MEDIA\MUSIC moved successfully. C:\Program Files\FrenchOtto\MEDIA\LEVELS moved successfully. C:\Program Files\FrenchOtto\MEDIA\IMAGES moved successfully. C:\Program Files\FrenchOtto\MEDIA moved successfully. C:\Program Files\FrenchOtto\Images_Purple moved successfully. C:\Program Files\FrenchOtto\IMAGES moved successfully. C:\Program Files\FrenchOtto moved successfully. C:\Program Files\GemMasterFrench\Sounds moved successfully. C:\Program Files\GemMasterFrench\media\tooltips moved successfully. C:\Program Files\GemMasterFrench\media\message_graphics moved successfully. C:\Program Files\GemMasterFrench\media\intro\resources moved successfully. C:\Program Files\GemMasterFrench\media\intro moved successfully. C:\Program Files\GemMasterFrench\media\fireworks\4x moved successfully. C:\Program Files\GemMasterFrench\media\fireworks moved successfully. C:\Program Files\GemMasterFrench\media\audio\sounds\fx moved successfully. C:\Program Files\GemMasterFrench\media\audio\sounds\combos moved successfully. C:\Program Files\GemMasterFrench\media\audio\sounds moved successfully. C:\Program Files\GemMasterFrench\media\audio\music moved successfully. C:\Program Files\GemMasterFrench\media\audio moved successfully. C:\Program Files\GemMasterFrench\media moved successfully. C:\Program Files\GemMasterFrench\Images_Purple moved successfully. C:\Program Files\GemMasterFrench\images moved successfully. C:\Program Files\GemMasterFrench moved successfully. C:\Program Files\Web Hottest Videos Personal Player moved successfully. C:\Program Files\Webteh moved successfully. Explorer started successfully OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06122008_023916

ok je vais faire ca en rentrant des ce soir merci bcp ;-D

c'est bon j'ai été directement l'avoir par le dossier ;-D j'ai désinstallé et viré le dossier qui allait avec ;-D merci en tout cas...j'attends la suite des opérations au taquet mdrrrr

je crois que j'ai un probleme car dans mon "panneau de configuration" je trouve plus emule ???!!! c'est normal??? ben j'avance pas plus tant que je peut l'enlever, parce que je sais pas si pour la suite il faut absolument qu'il soit enlever... bon j'ai fait aussi le nettoyage de norton donc ca aussi c'est fait... je bloque juste sur emule...

voici deja le resultat de virustotal ;-D Fichier wklnhst.dat reçu le 2008.06.11 04:03:14 (CET) Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.6.11.0 2008.06.10 - AntiVir 7.8.0.55 2008.06.10 - Authentium 5.1.0.4 2008.06.11 - Avast 4.8.1195.0 2008.06.10 - AVG 7.5.0.516 2008.06.10 - BitDefender 7.2 2008.06.11 - CAT-QuickHeal 9.50 2008.06.10 - ClamAV 0.92.1 2008.06.11 - DrWeb 4.44.0.09170 2008.06.10 - eSafe 7.0.15.0 2008.06.10 - eTrust-Vet 31.6.5864 2008.06.10 - Ewido 4.0 2008.06.10 - F-Prot 4.4.4.56 2008.06.10 - F-Secure 6.70.13260.0 2008.06.11 - Fortinet 3.14.0.0 2008.06.10 - GData 2.0.7306.1023 2008.06.11 - Ikarus T3.1.1.26.0 2008.06.11 - Kaspersky 7.0.0.125 2008.06.11 - McAfee 5314 2008.06.10 - Microsoft 1.3604 2008.06.11 - NOD32v2 3175 2008.06.11 - Norman 5.80.02 2008.06.10 - Panda 9.0.0.4 2008.06.10 - Prevx1 V2 2008.06.11 - Rising 20.48.12.00 2008.06.10 - Sophos 4.30.0 2008.06.11 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.11 - TheHacker 6.2.92.342 2008.06.11 - VBA32 3.12.6.7 2008.06.10 - VirusBuster 4.3.26:9 2008.06.10 - Webwasher-Gateway 6.6.2 2008.06.11 - Information additionnelle File size: 9108 bytes MD5...: a2f4ffc1ad9a32faf47994ad88d573ef SHA1..: 4cded85074572028fa2c0f359f7515a2c3c86ff6 SHA256: 9871599ec76447cc8f517719c26a4f9ae6fe7a48700d887213a2c4217c642208 SHA512: 8791a732b7e06016cf8a7d6eacf5d92c2de013acdd28276982e0e1475403dc75<br>a4f42e1af9946c38b3826163ce67494bdba15777faa10b67e896d8bc7de0b4c8 PEiD..: - PEInfo: - Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.6.11.0 2008.06.10 - AntiVir 7.8.0.55 2008.06.10 - Authentium 5.1.0.4 2008.06.11 - Avast 4.8.1195.0 2008.06.10 - AVG 7.5.0.516 2008.06.10 - BitDefender 7.2 2008.06.11 - CAT-QuickHeal 9.50 2008.06.10 - ClamAV 0.92.1 2008.06.11 - DrWeb 4.44.0.09170 2008.06.10 - eSafe 7.0.15.0 2008.06.10 - eTrust-Vet 31.6.5864 2008.06.10 - Ewido 4.0 2008.06.10 - F-Prot 4.4.4.56 2008.06.10 - F-Secure 6.70.13260.0 2008.06.11 - Fortinet 3.14.0.0 2008.06.10 - GData 2.0.7306.1023 2008.06.11 - Ikarus T3.1.1.26.0 2008.06.11 - Kaspersky 7.0.0.125 2008.06.11 - McAfee 5314 2008.06.10 - Microsoft 1.3604 2008.06.11 - NOD32v2 3175 2008.06.11 - Norman 5.80.02 2008.06.10 - Panda 9.0.0.4 2008.06.10 - Prevx1 V2 2008.06.11 - Rising 20.48.12.00 2008.06.10 - Sophos 4.30.0 2008.06.11 - Sunbelt 3.0.1145.1 2008.06.05 - Symantec 10 2008.06.11 - TheHacker 6.2.92.342 2008.06.11 - VBA32 3.12.6.7 2008.06.10 - VirusBuster 4.3.26:9 2008.06.10 - Webwasher-Gateway 6.6.2 2008.06.11 - Information additionnelle File size: 9108 bytes MD5...: a2f4ffc1ad9a32faf47994ad88d573ef SHA1..: 4cded85074572028fa2c0f359f7515a2c3c86ff6 SHA256: 9871599ec76447cc8f517719c26a4f9ae6fe7a48700d887213a2c4217c642208 SHA512: 8791a732b7e06016cf8a7d6eacf5d92c2de013acdd28276982e0e1475403dc75<br>a4f42e1af9946c38b3826163ce67494bdba15777faa10b67e896d8bc7de0b4c8 PEiD..: - PEInfo: -

ok j'ai bien tout lu en effet ca ramene bien de la m... misere a mon pc... bon demain je me remet au nettoyage et je vire emule moi qui l'aimait bien et qui le trouvait inoffensif EMULE et non je connait aucun des logiciels cités au dessus... juste "web hotest..." quand je recoit un fake sur la mule ca m'ouvre des trucs suspect et rien a voir avec ma demande :-0 en tout cas merci pour votre aide ;-D

ok alors merci de ton aide ;-D j'attend les prochains topics pour avancer

et pour finir le rapport movelt c:\windows\taskmon.exe moved successfully. c:\program files\macrogaming\sweetim\sweetim.exe moved successfully. File/Folder c:\program files\asktbar\srchastt\1.bin\a5srchas.dll not found. File/Folder c:\program files\crawler\ctbr.dll not found. File/Folder c:\documents and settings\all users\application data\part dead amok eggs\load soap.exe not found. File/Folder c:\documents and settings\hp_adm~1\applic~1\online~1\show trust.exe not found. OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06102008_144719 donc voila que me reste il a faire desormais? :-0 merci de votre aide

le rapport highjackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:44:12, on 10/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\DOCUME~1\HP_ADM~1\MESDOC~1\UTILIS~1\SsAAD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE C:\Program Files\Mozilla Firefox\firefox.exe c:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ssAAD.exe] C:\DOCUME~1\HP_ADM~1\MESDOC~1\UTILIS~1\SsAAD.exe O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bec6824bb4e146cba49e54f87a5f904e O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bec6824bb4e146cba49e54f87a5f904e O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file://C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Oberon Media\Oberon Games Host\ddfotg.1.0.0.37.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 0: (no name) - http://i124.photobucket.com/albums/p26/zef...totdispogif.gif -- End of file - 13564 bytes

voici le 1er rapport lopr avant la suppression -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : HP_Administrateur ] [ "C:\Lop SD" ] [ Selection : 1 ] [ 10/06/2008 | 14:31:58,12 ] [ PC : NOM-FB9B15D2723 ] [ MAJ : 07-06-2008 | 22:15 ] -------------[ Listing des dossiers dans Application Data ]------------ [10/10/2005|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/2006|06:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [19/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real [23/09/2007|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [23/08/2007|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [25/04/2008|02:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo [30/01/2008|03:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [19/09/2006|06:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [10/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [23/08/2007|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [01/04/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FREEDB [21/06/2007|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [19/09/2006|06:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard [03/03/2007|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [10/04/2008|03:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [19/09/2006|06:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [27/07/2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt [30/07/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [05/03/2007|02:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX [19/09/2006|06:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [22/08/2007|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [23/08/2007|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [18/04/2007|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [26/05/2008|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs [28/04/2007|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [19/09/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [19/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [23/04/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony [07/01/2008|03:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation [30/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [01/07/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [30/07/2007|06:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [25/07/2007|02:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems [23/06/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [30/06/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [28/03/2008|04:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [10/10/2005|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/2006|06:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [19/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [18/04/2008|23:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe [15/07/2007|04:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM [23/08/2007|09:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead [25/04/2008|02:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ashampoo [21/09/2007|05:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BSplayer [14/09/2007|04:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BSplayer Pro [01/04/2007|21:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink [05/03/2007|02:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Datalayer [10/10/2005|15:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\desktop.ini [23/08/2007|08:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo [25/08/2007|21:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google [16/01/2008|04:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help [03/03/2007|07:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP [03/03/2007|08:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ [15/11/2005|04:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities [10/04/2008|02:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express [04/03/2007|03:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech [18/04/2008|23:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia [10/03/2007|04:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\MAGIX [07/01/2008|01:40] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft [26/09/2007|03:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla [22/08/2007|08:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies [23/08/2007|07:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nero [28/04/2008|18:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\NetMedia Providers [05/03/2007|02:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nokia [26/05/2008|16:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE HOPE [28/04/2008|18:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Publish Providers [06/01/2008|03:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real [27/07/2007|15:38] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung [04/03/2007|03:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic [28/04/2008|18:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony [07/01/2008|03:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Corporation [23/04/2008|15:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Setup [21/06/2007|14:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun [23/03/2007|02:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template [25/07/2007|02:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems [14/09/2007|05:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc [03/07/2007|09:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Desktop Search [09/06/2008|15:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\wklnhst.dat [19/09/2006|05:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/09/2006|05:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [10/06/2008 14:00][--ah-----] C:\WINDOWS\tasks\AB4D00AD918ABBA5.job [10/06/2008 14:13][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [10/06/2008 14:21][--ah-----] C:\WINDOWS\tasks\SA.DAT [10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini AB4D00AD918ABBA5.job <--> c:\docume~1\hp_adm~1\applic~1\online~1\DefaultMeetFunk.exe ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [23/09/2007|04:10] C:\Program Files\Adobe [09/09/2007|11:28] C:\Program Files\Ahead [21/06/2007|09:36] C:\Program Files\Alwil Software [25/08/2007|21:52] C:\Program Files\AskTBar [30/01/2008|03:33] C:\Program Files\Avanquest update [31/07/2007|01:50] C:\Program Files\Babylon [06/01/2008|04:22] C:\Program Files\Beneton Movie GIF [02/05/2008|23:15] C:\Program Files\BitDownload [02/05/2008|23:12] C:\Program Files\BitTorrent Fastest Tool [09/09/2007|08:23] C:\Program Files\CCleaner [12/11/2005|02:09] C:\Program Files\ComPlus Applications [09/06/2008|13:14] C:\Program Files\Crawler [22/12/2007|04:02] C:\Program Files\DivX [09/09/2007|10:52] C:\Program Files\DVDFab Decrypter [09/03/2008|17:48] C:\Program Files\DVDFab HD Decrypter 4 [27/04/2007|00:32] C:\Program Files\dvdSanta [19/09/2006|06:41] C:\Program Files\EasyBits [02/04/2007|02:39] C:\Program Files\EasyBits For Kids [09/09/2007|10:52] C:\Program Files\Elaborate Bytes [06/06/2008|06:06] C:\Program Files\eMule [23/03/2008|20:01] C:\Program Files\Fichiers communs [19/09/2006|05:52] C:\Program Files\FrenchOtto [19/09/2006|05:52] C:\Program Files\GemMasterFrench [30/06/2007|22:59] C:\Program Files\Google [19/09/2006|06:41] C:\Program Files\Hewlett-Packard [10/04/2008|02:46] C:\Program Files\HP [13/03/2008|16:16] C:\Program Files\InstallShield Installation Information [19/09/2006|06:11] C:\Program Files\Intel [17/06/2007|03:42] C:\Program Files\InterActual [10/04/2008|03:03] C:\Program Files\Internet Explorer [05/06/2007|00:54] C:\Program Files\Inventel [08/03/2008|05:55] C:\Program Files\Java [09/09/2007|09:22] C:\Program Files\jv16 PowerTools 2007 [30/07/2007|09:39] C:\Program Files\Lavasoft [04/01/2008|22:08] C:\Program Files\Macrogaming [19/09/2006|06:01] C:\Program Files\Messenger [23/09/2007|06:49] C:\Program Files\Micro Application [30/06/2007|14:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [15/11/2005|04:24] C:\Program Files\microsoft frontpage [06/11/2007|17:04] C:\Program Files\Microsoft LifeCam [19/09/2006|06:24] C:\Program Files\Microsoft Office [23/04/2008|16:05] C:\Program Files\Microsoft SQL Server [19/09/2006|06:24] C:\Program Files\Microsoft Works [30/01/2008|03:33] C:\Program Files\Motorola Phone Tools [15/11/2005|04:24] C:\Program Files\Movie Maker [10/06/2008|14:24] C:\Program Files\Mozilla Firefox [15/11/2005|04:24] C:\Program Files\MSN [15/11/2005|04:25] C:\Program Files\MSN Gaming Zone [14/05/2008|14:13] C:\Program Files\MSN Messenger [22/06/2007|01:04] C:\Program Files\MSXML 4.0 [19/09/2006|06:26] C:\Program Files\muvee Technologies [23/08/2007|06:46] C:\Program Files\Nero [15/11/2005|04:25] C:\Program Files\NetMeeting [26/05/2008|16:11] C:\Program Files\ONLINE HOPE [02/05/2008|23:16] C:\Program Files\Online_TV [30/07/2007|06:23] C:\Program Files\orange [02/07/2007|03:05] C:\Program Files\Outlook Express [30/06/2007|22:35] C:\Program Files\PC-Doctor 5 for Windows [22/07/2007|21:24] C:\Program Files\QuickTime [19/09/2006|06:19] C:\Program Files\Real [09/09/2007|08:17] C:\Program Files\RegCleaner [23/08/2007|02:06] C:\Program Files\Rocket Division Software [04/06/2007|15:25] C:\Program Files\SAGEM [27/07/2007|15:22] C:\Program Files\Samsung [21/06/2007|09:01] C:\Program Files\Securitoo [19/09/2006|06:43] C:\Program Files\Services en ligne [02/05/2008|23:20] C:\Program Files\Share_Accelerator_MM [04/01/2008|22:34] C:\Program Files\SM [04/01/2008|22:05] C:\Program Files\Sonic [23/04/2008|16:03] C:\Program Files\Sony [07/01/2008|03:02] C:\Program Files\Sony Corporation [23/04/2008|15:56] C:\Program Files\Sony Setup [23/01/2008|21:49] C:\Program Files\Spybot - Search & Destroy [23/01/2008|23:24] C:\Program Files\SpywareBlaster [25/07/2007|02:04] C:\Program Files\Ulead Systems [23/04/2008|16:05] C:\Program Files\Uninstall Information [14/09/2007|05:40] C:\Program Files\VideoLAN [19/07/2007|21:03] C:\Program Files\VirtualDJ [23/09/2007|02:59] C:\Program Files\Vsoft [23/04/2008|16:04] C:\Program Files\Vstplugins [10/06/2008|14:28] C:\Program Files\Wanadoo [18/05/2008|00:14] C:\Program Files\Web Hottest Videos Personal Player [21/09/2007|05:51] C:\Program Files\Webteh [03/07/2007|09:06] C:\Program Files\Windows Desktop Search [04/07/2007|03:01] C:\Program Files\Windows Live Favorites [30/11/2007|04:00] C:\Program Files\Windows Live Toolbar [23/06/2007|18:39] C:\Program Files\Windows Media Connect 2 [07/01/2008|02:56] C:\Program Files\Windows Media Player [15/11/2005|04:25] C:\Program Files\Windows NT [15/11/2005|04:25] C:\Program Files\Windows Plus [12/11/2005|02:09] C:\Program Files\WindowsUpdate [25/09/2007|05:43] C:\Program Files\WinRAR [15/11/2005|04:26] C:\Program Files\xerox [18/07/2007|16:05] C:\Program Files\XviD [14/05/2008|14:14] C:\Program Files\Zapu ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [23/09/2007|04:11] C:\Program Files\Fichiers communs\Adobe [23/08/2007|06:48] C:\Program Files\Fichiers communs\Ahead [06/06/2007|01:16] C:\Program Files\Fichiers communs\AOL [03/03/2007|07:29] C:\Program Files\Fichiers communs\Hewlett-Packard [19/09/2006|06:16] C:\Program Files\Fichiers communs\HP [04/01/2008|22:07] C:\Program Files\Fichiers communs\InstallShield [19/09/2006|05:57] C:\Program Files\Fichiers communs\Java [23/08/2007|06:59] C:\Program Files\Fichiers communs\LightScribe [19/09/2006|06:22] C:\Program Files\Fichiers communs\LS Getting Started [05/03/2007|02:34] C:\Program Files\Fichiers communs\MAGIX Shared [23/03/2008|20:01] C:\Program Files\Fichiers communs\Microsoft Shared [15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap [19/09/2006|06:25] C:\Program Files\Fichiers communs\muvee Technologies [15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC [06/01/2008|03:53] C:\Program Files\Fichiers communs\Real [15/11/2005|04:24] C:\Program Files\Fichiers communs\Services [23/01/2008|23:50] C:\Program Files\Fichiers communs\Sonic Shared [07/01/2008|03:02] C:\Program Files\Fichiers communs\Sony Shared [15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines [01/09/2007|04:31] C:\Program Files\Fichiers communs\SWF Studio [01/07/2007|10:10] C:\Program Files\Fichiers communs\Symantec Shared [02/07/2007|03:05] C:\Program Files\Fichiers communs\System [25/07/2007|02:04] C:\Program Files\Fichiers communs\Ulead Systems [23/03/2008|20:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller [30/07/2007|09:34] C:\Program Files\Fichiers communs\Wise Installation Wizard ---------------------------[ Process ]-------------------------- ... 66 IEXPLORE.EXE ~ [3820] IEXPLORE.EXE ~ [3976] ----------------------[ Recherche avec S_Lop ]--------------------- C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis126B.exe C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis1E7.exe C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis28E.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1 C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\bczkfkfv.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\Default Meet Funk.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\ejellers.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\freemeowflapmpeg.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\jaequzjj.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\juiqdndd.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\qgosweqk.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\SHOW TRUST.exe -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\load soap.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1 C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\bczkfkfv.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\Default Meet Funk.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\ejellers.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\freemeowflapmpeg.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\jaequzjj.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\juiqdndd.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\qgosweqk.exe C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\SHOW TRUST.exe C:\Program Files\online~1 C:\Program Files\Bitdownload C:\Program Files\Bitdownload\session.store C:\Program Files\BitTorrent Fastest Tool C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe C:\Program Files\BitTorrent Fastest Tool\BitP.exe C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG C:\WINDOWS\Prefetch\LOAD SOAP.EXE-00407DAD.pf C:\WINDOWS\Prefetch\DEFAULT MEET FUNK.EXE-389F809D.pf C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.adserver5[1].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adultfriendfinder[1].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adin.bigpoint[2].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[2].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[1].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[2].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt C:\WINDOWS\Tasks\AB4D00AD918ABBA5.job ----------------------[ Verification du Registre ]---------------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Help does view] "DisplayName"="CiD Help" "UninstallString"="C:\\DOCUME~1\\HP_ADM~1\\APPLIC~1\\ONLINE~1\\SHOW TRUST.exe -uninstall" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Slow pop"="C:\\DOCUME~1\\HP_ADM~1\\APPLIC~1\\ONLINE~1\\SHOW TRUST.exe" "Slow pop"="C:\\DOCUME~1\\HP_ADM~1\\APPLIC~1\\ONLINE~1\\SHOW TRUST.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts MODIFIE 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 72 ( 70 ## added by CiD ) /!\ 1 Not 127.0.0.1 !! ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 14:33:04 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\11 sans armures.wma => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\13 ---.wma => C:\Documents and Settings\HP_Administrateur\Bureau\Nero 8.x Ultra Edition KeyGen.exe => C:\Documents and Settings\HP_Administrateur\Bureau\sonykeygen14.exe [F:10839][D:124]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp [F:34][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies [F:832][D:9]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 14:33:49,12 ]---------------------- et la seconde de lop après la suppression -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : HP_Administrateur ] [ "C:\Lop SD" ] [ Selection : 2 ] [ 10/06/2008 | 14:35:19,37 ] [ PC : NOM-FB9B15D2723 ] [ MAJ : 07-06-2008 | 22:15 ] \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////// Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\load soap.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\bczkfkfv.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\Default Meet Funk.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\ejellers.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\freemeowflapmpeg.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\jaequzjj.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\juiqdndd.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\qgosweqk.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1\SHOW TRUST.exe Supprimé! - C:\Program Files\Bitdownload\session.store Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe Supprimé! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG Supprimé! - C:\WINDOWS\Prefetch\LOAD SOAP.EXE-00407DAD.pf Supprimé! - C:\WINDOWS\Prefetch\DEFAULT MEET FUNK.EXE-389F809D.pf Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.adserver5[1].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adultfriendfinder[1].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adin.bigpoint[2].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.seafight.bigpoint[2].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[2].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[1].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt Supprimé! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt Supprimé! - C:\WINDOWS\Tasks\AB4D00AD918ABBA5.job Supprimé! - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis126B.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis1E7.exe Supprimé! - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\bis28E.exe Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs Supprimé! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\online~1 Supprimé! - C:\Program Files\online~1 Supprimé! - C:\Program Files\Bitdownload Supprimé! - C:\Program Files\BitTorrent Fastest Tool Restauré! - Fichier Hosts //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ -------------[ Listing des dossiers dans Application Data ]------------ [10/10/2005|15:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/2006|06:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [19/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real [23/09/2007|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [23/08/2007|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [25/04/2008|02:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo [30/01/2008|03:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [19/09/2006|06:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [10/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [23/08/2007|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [01/04/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FREEDB [21/06/2007|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [19/09/2006|06:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard [03/03/2007|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [10/04/2008|03:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [19/09/2006|06:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [27/07/2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt [30/07/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [05/03/2007|02:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX [19/09/2006|06:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [22/08/2007|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [23/08/2007|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [18/04/2007|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [28/04/2007|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [19/09/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [19/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [23/04/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony [07/01/2008|03:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation [30/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [01/07/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [30/07/2007|06:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [25/07/2007|02:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems [23/06/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [30/06/2007|07:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [28/03/2008|04:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [10/10/2005|15:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/2006|06:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [19/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [18/04/2008|23:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe [15/07/2007|04:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM [23/08/2007|09:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead [25/04/2008|02:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ashampoo [21/09/2007|05:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BSplayer [14/09/2007|04:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BSplayer Pro [01/04/2007|21:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink [05/03/2007|02:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Datalayer [10/10/2005|15:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\desktop.ini [23/08/2007|08:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\EoRezo [25/08/2007|21:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google [16/01/2008|04:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help [03/03/2007|07:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP [03/03/2007|08:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ [15/11/2005|04:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities [10/04/2008|02:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express [04/03/2007|03:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech [18/04/2008|23:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia [10/03/2007|04:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\MAGIX [07/01/2008|01:40] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft [26/09/2007|03:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla [22/08/2007|08:39] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies [23/08/2007|07:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nero [28/04/2008|18:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\NetMedia Providers [05/03/2007|02:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nokia [28/04/2008|18:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Publish Providers [06/01/2008|03:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real [27/07/2007|15:38] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung [04/03/2007|03:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic [28/04/2008|18:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony [07/01/2008|03:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Corporation [23/04/2008|15:57] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Setup [21/06/2007|14:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun [23/03/2007|02:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template [25/07/2007|02:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems [14/09/2007|05:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc [03/07/2007|09:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Desktop Search [09/06/2008|15:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\wklnhst.dat [19/09/2006|05:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/09/2006|05:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [10/06/2008 14:13][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [10/06/2008 14:21][--ah-----] C:\WINDOWS\tasks\SA.DAT [10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [23/09/2007|04:10] C:\Program Files\Adobe [09/09/2007|11:28] C:\Program Files\Ahead [21/06/2007|09:36] C:\Program Files\Alwil Software [25/08/2007|21:52] C:\Program Files\AskTBar [30/01/2008|03:33] C:\Program Files\Avanquest update [31/07/2007|01:50] C:\Program Files\Babylon [06/01/2008|04:22] C:\Program Files\Beneton Movie GIF [09/09/2007|08:23] C:\Program Files\CCleaner [12/11/2005|02:09] C:\Program Files\ComPlus Applications [09/06/2008|13:14] C:\Program Files\Crawler [22/12/2007|04:02] C:\Program Files\DivX [09/09/2007|10:52] C:\Program Files\DVDFab Decrypter [09/03/2008|17:48] C:\Program Files\DVDFab HD Decrypter 4 [27/04/2007|00:32] C:\Program Files\dvdSanta [19/09/2006|06:41] C:\Program Files\EasyBits [02/04/2007|02:39] C:\Program Files\EasyBits For Kids [09/09/2007|10:52] C:\Program Files\Elaborate Bytes [06/06/2008|06:06] C:\Program Files\eMule [23/03/2008|20:01] C:\Program Files\Fichiers communs [19/09/2006|05:52] C:\Program Files\FrenchOtto [19/09/2006|05:52] C:\Program Files\GemMasterFrench [30/06/2007|22:59] C:\Program Files\Google [19/09/2006|06:41] C:\Program Files\Hewlett-Packard [10/04/2008|02:46] C:\Program Files\HP [13/03/2008|16:16] C:\Program Files\InstallShield Installation Information [19/09/2006|06:11] C:\Program Files\Intel [17/06/2007|03:42] C:\Program Files\InterActual [10/04/2008|03:03] C:\Program Files\Internet Explorer [05/06/2007|00:54] C:\Program Files\Inventel [08/03/2008|05:55] C:\Program Files\Java [09/09/2007|09:22] C:\Program Files\jv16 PowerTools 2007 [30/07/2007|09:39] C:\Program Files\Lavasoft [04/01/2008|22:08] C:\Program Files\Macrogaming [19/09/2006|06:01] C:\Program Files\Messenger [23/09/2007|06:49] C:\Program Files\Micro Application [30/06/2007|14:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [15/11/2005|04:24] C:\Program Files\microsoft frontpage [06/11/2007|17:04] C:\Program Files\Microsoft LifeCam [19/09/2006|06:24] C:\Program Files\Microsoft Office [23/04/2008|16:05] C:\Program Files\Microsoft SQL Server [19/09/2006|06:24] C:\Program Files\Microsoft Works [30/01/2008|03:33] C:\Program Files\Motorola Phone Tools [15/11/2005|04:24] C:\Program Files\Movie Maker [10/06/2008|14:24] C:\Program Files\Mozilla Firefox [15/11/2005|04:24] C:\Program Files\MSN [15/11/2005|04:25] C:\Program Files\MSN Gaming Zone [14/05/2008|14:13] C:\Program Files\MSN Messenger [22/06/2007|01:04] C:\Program Files\MSXML 4.0 [19/09/2006|06:26] C:\Program Files\muvee Technologies [23/08/2007|06:46] C:\Program Files\Nero [15/11/2005|04:25] C:\Program Files\NetMeeting [02/05/2008|23:16] C:\Program Files\Online_TV [30/07/2007|06:23] C:\Program Files\orange [02/07/2007|03:05] C:\Program Files\Outlook Express [30/06/2007|22:35] C:\Program Files\PC-Doctor 5 for Windows [22/07/2007|21:24] C:\Program Files\QuickTime [19/09/2006|06:19] C:\Program Files\Real [09/09/2007|08:17] C:\Program Files\RegCleaner [23/08/2007|02:06] C:\Program Files\Rocket Division Software [04/06/2007|15:25] C:\Program Files\SAGEM [27/07/2007|15:22] C:\Program Files\Samsung [21/06/2007|09:01] C:\Program Files\Securitoo [19/09/2006|06:43] C:\Program Files\Services en ligne [02/05/2008|23:20] C:\Program Files\Share_Accelerator_MM [04/01/2008|22:34] C:\Program Files\SM [04/01/2008|22:05] C:\Program Files\Sonic [23/04/2008|16:03] C:\Program Files\Sony [07/01/2008|03:02] C:\Program Files\Sony Corporation [23/04/2008|15:56] C:\Program Files\Sony Setup [23/01/2008|21:49] C:\Program Files\Spybot - Search & Destroy [23/01/2008|23:24] C:\Program Files\SpywareBlaster [25/07/2007|02:04] C:\Program Files\Ulead Systems [23/04/2008|16:05] C:\Program Files\Uninstall Information [14/09/2007|05:40] C:\Program Files\VideoLAN [19/07/2007|21:03] C:\Program Files\VirtualDJ [23/09/2007|02:59] C:\Program Files\Vsoft [23/04/2008|16:04] C:\Program Files\Vstplugins [10/06/2008|14:28] C:\Program Files\Wanadoo [18/05/2008|00:14] C:\Program Files\Web Hottest Videos Personal Player [21/09/2007|05:51] C:\Program Files\Webteh [03/07/2007|09:06] C:\Program Files\Windows Desktop Search [04/07/2007|03:01] C:\Program Files\Windows Live Favorites [30/11/2007|04:00] C:\Program Files\Windows Live Toolbar [23/06/2007|18:39] C:\Program Files\Windows Media Connect 2 [07/01/2008|02:56] C:\Program Files\Windows Media Player [15/11/2005|04:25] C:\Program Files\Windows NT [15/11/2005|04:25] C:\Program Files\Windows Plus [12/11/2005|02:09] C:\Program Files\WindowsUpdate [25/09/2007|05:43] C:\Program Files\WinRAR [15/11/2005|04:26] C:\Program Files\xerox [18/07/2007|16:05] C:\Program Files\XviD [14/05/2008|14:14] C:\Program Files\Zapu ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [23/09/2007|04:11] C:\Program Files\Fichiers communs\Adobe [23/08/2007|06:48] C:\Program Files\Fichiers communs\Ahead [06/06/2007|01:16] C:\Program Files\Fichiers communs\AOL [03/03/2007|07:29] C:\Program Files\Fichiers communs\Hewlett-Packard [19/09/2006|06:16] C:\Program Files\Fichiers communs\HP [04/01/2008|22:07] C:\Program Files\Fichiers communs\InstallShield [19/09/2006|05:57] C:\Program Files\Fichiers communs\Java [23/08/2007|06:59] C:\Program Files\Fichiers communs\LightScribe [19/09/2006|06:22] C:\Program Files\Fichiers communs\LS Getting Started [05/03/2007|02:34] C:\Program Files\Fichiers communs\MAGIX Shared [23/03/2008|20:01] C:\Program Files\Fichiers communs\Microsoft Shared [15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap [19/09/2006|06:25] C:\Program Files\Fichiers communs\muvee Technologies [15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC [06/01/2008|03:53] C:\Program Files\Fichiers communs\Real [15/11/2005|04:24] C:\Program Files\Fichiers communs\Services [23/01/2008|23:50] C:\Program Files\Fichiers communs\Sonic Shared [07/01/2008|03:02] C:\Program Files\Fichiers communs\Sony Shared [15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines [01/09/2007|04:31] C:\Program Files\Fichiers communs\SWF Studio [01/07/2007|10:10] C:\Program Files\Fichiers communs\Symantec Shared [02/07/2007|03:05] C:\Program Files\Fichiers communs\System [25/07/2007|02:04] C:\Program Files\Fichiers communs\Ulead Systems [23/03/2008|20:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller [30/07/2007|09:34] C:\Program Files\Fichiers communs\Wise Installation Wizard ---------------------------[ Process ]-------------------------- ... 66 IEXPLORE.EXE ~ [2660] ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- Aucun fichier / dossier Lop trouvé ! ----------------------[ Verification du Registre ]---------------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Help does view] "DisplayName"="CiD Help" "UninstallString"="C:\\DOCUME~1\\HP_ADM~1\\APPLIC~1\\ONLINE~1\\SHOW TRUST.exe -uninstall" --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-10 14:36:20 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\11 sans armures.wma => C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\SamsungMediaStudio\rap musique\Ma 6t va cracker\13 ---.wma => C:\Documents and Settings\HP_Administrateur\Bureau\Nero 8.x Ultra Edition KeyGen.exe => C:\Documents and Settings\HP_Administrateur\Bureau\sonykeygen14.exe [F:10836][D:124]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp [F:24][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies [F:832][D:9]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 14:36:42,44 ]----------------------

MSNFix 1.720-1 C:\Documents and Settings\HP_Administrateur\Bureau\MSNFix Fix exécuté le 10/06/2008 - 14:14:06,28 By HP_Administrateur mode normal ************************ Recherche les fichiers présents ... C:\WINDOWS\ehome\ehTray.exe ... C:\??????.exe ... C:\log.txt ... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Setup.exe ************************ Recherche les dossiers présents Aucun dossier trouvé ************************ Suppression des fichiers .. OK ... C:\WINDOWS\ehome\ehTray.exe .. OK ... C:\??????.exe .. OK ... C:\log.txt .. OK ... C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Setup.exe ************************ Nettoyage du registre Les fichiers encore présents seront supprimés au prochain redémarrage ************************ Suppression des fichiers .. OK ... C:\WINDOWS\ehome\ehTray.exe ************************ Fichiers suspects Aucun Fichier trouvé Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10062008_14213645.zip ************************ HKLM\...\Winlogon\Userinit Userinit = C:\WINDOWS\system32\userinit.exe, Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- voici le rapport msnfix ;-D

merci beaucoup ogu je v fairr ca au plus vite ;-D

bonjour, y'en a certains que j'avais plus dans mon ordinateur sur la liste que vous m'avez donné en gras...que dois je faire? :\windows\taskmon.exe c:\program files\macrogaming\sweetim\sweetim.exe c:\documents and settings\all users\application data\part dead amok eggs\load soap.exe c:\documents and settings\hp_adm~1\applic~1\online~1\show trust.exe les 4 la tres precisemment ne sont plus dans mon ordinateur es ce normal?

arf c'est parce que je les supprimais du bloc note du rapport highjackthis ok donc c'est bon ;-D et si j'ai bien compris au final je refait un scan par hijackthis c'est ca? merci en tt cas de votre aide qui me sauve mon ordinateur...

g essayé de le faire mais je bloque a supprimer les fichiers en gras dois je seulement supprimer ce qu'il y'a en gras ou tout la ligne??? et pour d'autres y'a une phrase devant celle que vous m'indiqué et y'a un numero... dois je supprimer tte la ligne ou seulement la phrase indiquée??? merci de votre aide en tout cas

ok alors merci beaucoup de votre aide surtout pear, je vous tiens au courant si j'ai un probleme quand je vais faire tout ca ! ! ! merci encore ;-D

ok alors merci de votre aide et qu'aurais je d'autre a faire après ca svp? :P je sent que je vais y passer des heures a nettoyer tout ca

merci midnighter donc je doit enlever avast alors... mais pear je dois vraiment faire tout ca pour virer ce virus parce que ca m'as l'air drolement compliqué non? merci de vos reponses en tout cas...

Donc voila il y'a de ca quelques jours j'ai été infesté par un virus sur mon ordinateur... a la base avast m'a demandé ce que je voulais faire avec le virus et je l'ai supprimé... mais la j'ai recu des messages dans ma boite mail (par 40 mails) dans toutes les langues enerve.gif après j'ai voulut navigué sur internet mais un message de avast bloquait ma navigation tout le long que j'etais sur le net... j'ai donc fait de nombreux scans par avast, ou il trouvait le rootskit dans les disques locaux (sous disque 32...) il me demandait a chaque fois d'eteindre mon ordi pour refaire un scan a l'allumage, chose qu'il faisait mais le probleme es tjs la j'ai donc debranché mon cable reseau car on m'a dit qu'on pouvait controler mon ordinateur via le trojan ... je me suis reconnecté aujourd'hui et j'ai eu le message comme quoi j'avais toujours le fameux rootskit... et ma boite mail se retrouve bloqué du coup doh.gif en navigant sur le net pour trouver une solution je suis tombé sur le fameux highjackthis , donc je l'ai telecharger et fait un scan et je vais mettre ici le rapport (edité ci dessus) ;-D si quelqu'un peut m'aider ca serait super sympa car mon ordinateur es mon outil de travail et que je n'ai pas d'autres solution... merci d'avance pour tout ceux qui m'aideront icon_Super.gif

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:24:35, on 02/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\DOCUME~1\HP_ADM~1\MESDOC~1\UTILIS~1\SsAAD.exe C:\WINDOWS\taskmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Rar$EX00.563\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll O3 - Toolbar: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ssAAD.exe] C:\DOCUME~1\HP_ADM~1\MESDOC~1\UTILIS~1\SsAAD.exe O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Application Data\part dead amok eggs\load soap.exe O4 - HKLM\..\Run: [taskmon] C:\WINDOWS\taskmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [slow pop] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ONLINE~1\SHOW TRUST.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?bec6824bb4e146cba49e54f87a5f904e O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?bec6824bb4e146cba49e54f87a5f904e O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file://C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Oberon Media\Oberon Games Host\ddfotg.1.0.0.37.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 0: (no name) - http://i124.photobucket.com/albums/p26/zef...totdispogif.gif -- End of file - 14591 bytes